Hi,
Will an update be sent out through Virtualmin GPL for the Ghost vulnerability?
According to the instructions from my hosting company, my Virtualmin server is vulnerable. They say there's not a yum update for the latest glibc for CentOS.
If not through Virtualmin nor yum, what do you suggest we do to take care of this?
Chris
Hi,
It might be interesting for you to read about how Red Hat, the maintainer of Red Hat Enterprise (which CentOS is based on), does "backporting". Sometimes people think they're not protected from something when in fact a backported version of the product does offer the protection while not sharing the upstream version number.
Here's the article in question:
https://access.redhat.com/security/updates/backporting
Best Regards,
Peter Knowles
TPN Solutions
Email: pknowles@tpnsolutions.com
Phone: 604-782-9342
Skype: tpnsupport
Website: http://www.tpnsolutions.com
Howdy,
We definitely recommend patching your server. Most distros that Virtualmin supports are also affected by the Ghost security bug.
There is actually an update for glibc on CentOS -- if you run a "yum update", it should offer a glibc-related update. Performing that update will patch your system against Ghost, though you would also need to either restart all services that use it, or perhaps perform a reboot, which may be a bit simpler.
-Eric
I just did the CentOS glibc update. Is there any potential residual damage done to the servers while waiting for the update?
Howdy,
Yup! Anytime a security issue is present on a server and unpatched, there's always an opportunity for bad guys to get in there prior to it being patched.
Fortunately, you patched it quickly, which greatly reduces the risk of that kind of problem. In my opinion it's unlikely something bad happened, but you'd certainly want to keep an eye on your server and make sure you don't see anything unusual going on.
-Eric
On this one you need to reboot for changes to take effect, I believe.
Only Ubuntu seems to give this last bit of critical information.
The next stable Debian will have a 'restartneeded' program in the std repos I believe.
Very important to be getting on the security mailing lists of your server distro.
Some distros are faster than others getting their act together.
The chances of being hacked because of these complicated vulnerabilities for John Doe are slim.
Chaos Reigns Within, Reflect, Repent and Reboot, Order Shall Return.
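Two replies above note that the glibc update only protects processes started after it, hence the advice to restart services or reboot. The following is an added example, not code from the thread or from Virtualmin: a shell function that lists processes still mapping the replaced libc. The function name `stale_libc_pids` and its path pattern are hypothetical, and it assumes a Linux `/proc` layout.

```shell
#!/bin/sh
# Added example. When a package update replaces libc on disk, running
# processes keep the old file mapped; the kernel marks that mapping
# with a " (deleted)" suffix in /proc/<pid>/maps until the process restarts.

# stale_libc_pids [PROC_ROOT]
# Prints "PID<TAB>COMMAND" for every process whose maps still reference
# a deleted libc. PROC_ROOT defaults to /proc (run as root to see all PIDs).
stale_libc_pids() (
    proc_root="${1:-/proc}"
    for maps in "$proc_root"/[0-9]*/maps; do
        # Skip unreadable entries and the unexpanded glob when nothing matches.
        [ -r "$maps" ] || continue
        # Matches e.g. /usr/lib64/libc-2.17.so or /lib/libc.so.6, but not
        # libcrypto or libcap, and only when the mapping is marked deleted.
        if grep -Eq '/libc[-.][^/]*\(deleted\)$' "$maps" 2>/dev/null; then
            pid="${maps%/maps}"
            pid="${pid##*/}"
            comm="$(cat "$proc_root/$pid/comm" 2>/dev/null || echo '?')"
            printf '%s\t%s\n' "$pid" "$comm"
        fi
    done
)

# Report on the live system (or on the directory given as first argument).
stale_libc_pids "${1:-/proc}"
```

An empty result after the update means every running process has loaded the new library; any process listed still needs a restart.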
Ah, there wasn't a yum update when I wrote the first post here, but there is now :)
Updating now, thanks!
Chris