SUSE advisory image

SUSE advisory for SLES

A serious security bug in current versions of glibc was published 16th February 2016, SUSE advisory for SLES. It can be exploited by an attacker that controls the response received to some forms of DNS query.

While non-trivial to exploit, this means that any code that invokes getaddrinfo() – which includes SSH, sudo, and curl, to name but three – can be manipulated into executing arbitrary code.

We urge operators of Linux systems everywhere to apply security patches as they become available as a matter of urgency.

If you have SLE11 SP3 or later systems you should install the updated glibc package ASAP. If you’re running OES11 SP2 or 2015 you’ll be covered but anything earlier I guess you’ll need to wait for Micro Focus to publish an updated package (or take the hint to upgrade the OS!).

0 replies

Leave a Reply

Want to join the discussion
Feel free to contribute!

Leave a Reply

Your email address will not be published. Required fields are marked *