Last week a pretty low level bug in DNS in libc was exposed - http://arstechnica.com/security/2016/02/extremely-severe-bug-leaves-dizzying-number-of-apps-and-devices-vulnerable/
One of the ways that I didn't immediately consider this being bad is if
you run a mailserver. In attempting to deliver email mail, servers do
lookups on addresses. On one of my servers I noticed the following in
the logs.
Feb 20 06:26:53 serenity kernel: smtpd[26819]: segfault at 0 ip
00007fdc14979d66 sp 00007ffdd0efc810 error 6 in
libresolv-2.19.so[7fdc1496e000+17000]
This is what exposure of one of these bugs looks like.
So, go check and update all your servers. On Ubuntu / Debian systems a
glibc update typically recycles all the services, however a reboot is
probably a good idea regardless.
-Sean
--
Sean Dague
http://dague.net
signature.asc
Description: OpenPGP digital signature
_______________________________________________ Mid-Hudson Valley Linux Users Group http://mhvlug.org https://mhvlug.org/cgi-bin/mailman/listinfo/mhvlug Upcoming Meetings (6pm - 8pm) Vassar College * Mar 2 - Consuming The Cloud: Shoot Out Apr 6 - Open Street Map
