Domino on Linux/Unix, Troubleshooting, Best Practices, Tips and more ...

Critical: glibc security and bug fix update

Daniel Nashed  17 February 2016 14:02:45

There is a critical issue with the glibc lib that Linux and other systems are using.

The best short description I found is the following:

"A stack-based buffer overflow was found in the way the libresolv library
performed dual A/AAAA DNS queries. A remote attacker could create a
specially crafted DNS response which could cause libresolv to crash or,
potentially, execute code with the permissions of the user running the
library. Note: this issue is only exposed when libresolv is called from the
nss_dns NSS service module. (CVE-2015-7547)"

Redhat already released patches:

And there is also a patch from SuSE

I have already updated my CentOS 6 Linux machines (via yum update).

Another interesting link is from Heise with some details in German:

Thanks to my friend Harvey Pope pointing me to this bug and sending me the Heise link!


  • [IBM Lotus Domino]
  • [Domino on Linux]
  • [Nash!Com]
  • [Daniel Nashed]