How to protect Linux – server from critical vulnerability Ghost. Update your OS!

A critical vulnerability has been identified in the Glibc system library ( CVE-2015-0235 ), which can be used to organize the execution of code in the system. The problem manifests itself in the processing of specially designed data in the functions gethostbyname () and gethostbyname2 (), which are used in many programs to convert the host name to an IP address. According to the degree of danger, the vulnerability that has been given the code name GHOST is comparable to vulnerabilities in Bash and OpenSSL . Working prototypes of exploits exist. Windows is not affected by this vulnerability.

We updated the container servers using virtualization at the OS level in the cloud and VPS independently for all users. Actions are required only for users of virtual machines (created with a checkmark "allow OS kernel management").

What OS are vulnerable?

Vulnerabilities are subject to long-sustained industrial distributions that require immediate updating. In particular, the problem manifests itself in Debian 7 , CentOS 6 and 7, Ubuntu 12.04 .

How to protect yourself?

The fixes are already released for Ubuntu 12.04 , Debian 7 , CentOS 6 and 7 . It is recommended to update all Linux – systems, regardless of whether the OS is on the vulnerable list. All Infobox and InfoboxCloud infrastructure has already been updated.
')

How to upgrade the OS?

Connect to the server via SSH .

For Ubuntu and Debian:
Run the command:

apt-key update && apt-get update && apt-get -y upgrade 

For CentOS
Run the command:

 yum -y update 

For OpenSuse:
Run the command:

 zypper refresh && zypper update -y 

After the upgrade, restart the server.
Please install operating system security updates in a timely manner to avoid problems.