It was reported that there is a vulnerability in glibc, an open source library. As described by Ars Technica, "The vulnerability was introduced in 08 in the GNU C Library, a collection of open source code that powers thousands of standalone applications and most Linux distributions, including those distributed with routers and other equipment. a feature called getaddrinfo () that performs domain name lookups contains a buffer overflow bug that allows attackers to remotely execute malicious code. It can be exploited when vulnerable devices or applications make requests to attacker-controlled domain names or domain name servers or when exposed to man-in-the-middle where the opponent has the ability to control and manipulate data passing between a vulnerable device and open Internet. All versions of glibc after 2.9 are vulnerable. "
We wanted our customers to know that we are aware and we are patching our services, with priority on any system that involves our service or customer data. We'll let you know when updates are completed.
Please reach out to Golden Frog Support if you have questions in the meantime.
0 Komentar