<p>A critical vulnerability has been announced, please update your sites. –</p>
The GHOST vulnerability was announced 2 days ago - a potentially critical vulnerability in glibc. During the January EGI Operations Management Board meeting the issue was discussed. During the discussion, it was mentioned that the attack surface for this exploit is quite small, rendering it less severe, but nonetheless critical.
EGI-ADV-20150130 was just announced. We’ve will be applying the fix to the core services and dev site, hopefully with zero downtime. All sites please update your packages.
For more info and support, contact your CSIRT, or hang out with us on Secops-white channel on Slack.
Even DevOpsReactions has something to say about it !
Tagged with AAROC • CSIRT • operations • security • updates • EGI-ADV-20150130
This is a companion discussion topic for the original entry at http://www.africa-grid.org//security/2015/01/30/EGI-ADV-20150130/