* IPFire 2.17 - Core Update 98 released
@ 2016-02-22 23:39 The IPFire Project
0 siblings, 0 replies; only message in thread
From: The IPFire Project @ 2016-02-22 23:39 UTC (permalink / raw)
To: ipfire-announce
[-- Attachment #1: Type: text/plain, Size: 1242 bytes --]
http://www.ipfire.org/news/ipfire-2-17-core-update-98-released
Due to a recently discovered security vulnerability in glibc, we are
releasing this Core Update that contains a fix for CVE-2015-7547.
CVE-2015-7547 in glibc/getaddrinfo
The getaddrinfo() interface is glibc, the system’s main C library, is
used to resolve names into IP addresses using DNS. An attacker can
exploit the process in the system performing this request by sending a
forged reply that is too long causing a stack buffer overflow. Code can
potentially be injected and executed.
IPFire is however not directly exploitable by this vulnerability as it
is using a DNS proxy, that rejects DNS responses that are too long. So
IPFire itself and all systems on the network that use IPFire as DNS
proxy are protected by the DNS proxy. However, we decided to push out a
patch for this vulnerability as quickly as we can.
Please reboot the system after installing the update.
----
I would also like to invite you all to support our latest crowd-funding
campaign to fund development of a Captive Portal for IPFire:
http://wishlist.ipfire.org/wish/the-ipfire-captive-portal
Otherwise you can of course donate using the usual ways:
http://www.ipfire.org/donate
^ permalink raw reply [flat|nested] only message in thread
only message in thread, other threads:[~2016-02-22 23:39 UTC | newest]
Thread overview: (only message) (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2016-02-22 23:39 IPFire 2.17 - Core Update 98 released The IPFire Project
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox