2015年01月31日 VPS测评 评论 7 条

Qualys最新的发现并且公布了linux漏洞“CVE-2015-0235”,对于绝大多数人来说这个漏洞都应该重视起来,受影响的系统有:Debian 7,CentOS 6 & 7,Ubuntu 12.04,不受影响的有:Fedora 20 & 21,Ubuntu 14.04 and 14.10,Arch,OpenSuse 13.2。debian7系统版本低于2.13-38+deb7u7的都是不安全的,ubuntu系统低于2.15-0ubuntu10.10同样是不安全的,自己来检查一下:

# aptitude show libc6
Package: libc6
State: installed
Automatically installed: no
Multi-Arch: same
Version: 2.13-38+deb7u6
Priority: required
Section: libs
Maintainer: GNU Libc Maintainers
Architecture: amd64
Uncompressed Size: 9,687 k
Depends: libc-bin (= 2.13-38+deb7u6), libgcc1
Suggests: glibc-doc, debconf | debconf-2.0, locales
Conflicts: prelink (<= 0.0.20090311-1), tzdata (< 2007k-1), tzdata-etch Breaks: locales (< 2.13), locales-all (< 2.13), lsb-core (<= 3.2-27), nscd (< 2.13) Replaces: libc6-amd64 Provides: glibc-2.13-1 Description: Embedded GNU C Library: Shared libraries Contains the standard libraries that are used by nearly all programs on the system. This package includes shared versions of the standard C library and the standard math library, as well as many others. Homepage: http://www.eglibc.org centos 7早于glibc-2.17-55.el7_0.5 以及centos 6 早于glibc-2.12-1.149.el6_6.5的都需要打补丁,下面的命令你会用到的: # yum info glibc .... Installed Packages Name : glibc Arch : x86_64 Version : 2.17 Release : 55.el7_0.1 Size : 13 M Repo : installed From repo : updates Summary : The GNU libc libraries URL : http://www.gnu.org/software/glibc/ License : LGPLv2+ and LGPLv2+ with exceptions and GPLv2+ Description : The glibc package contains standard libraries which are used by : multiple programs on the system. In order to save disk space and : memory, as well as to make upgrading easier, common system code is : kept in one place and shared between programs. This particular package : contains the most important sets of shared libraries: the standard C : library and the standard math library. Without these two libraries, a : Linux system will not function. 打补丁办法很简单: debian: apt-get update apt-get dist-upgrade centos和fedora yum clean all yum update

  • 版权所有:©2012-2016 主机测评. All rights reserved
  • 安全提醒:购买请仔细阅读商家条款,阅读本站网友评论、或加群咨询,谨慎交易,自担风险
  • 联系我们:站长QQ 20510761,QQ群:336815466,486721,TG群:t.me/zhujiceping

7 条留言  访客:6 条  博主:1 条

  1. 便宜vps


  2. 便宜vps


  3. morgan


  4. lop–教导主任


  5. MAER


    • admin


      • MAER