[BlueOnyx:26944] Re: GLIBC Vulnerability on Servers Serving PHP (CVE-2024-2961)
Taco Scargo
taco at blueonyx.nl
Tue Apr 23 00:42:32 -05 2024
Hi Michael,
Thanks for the heads-up and the hot fix. I must have missed this.
I see there is no new swatch for 6109 yet. Is that system not affected?
Thanks,
Taco
> On 23 Apr 2024, at 04:32, Michael Stauber via Blueonyx <blueonyx at mail.blueonyx.it> wrote:
>
> Hi all,
>
> Last week CVE-2024-2961 was announced. In brief, systems using glibc and serving PHP content could potentially be at risk. The vulnerability is related to the ISO-2022-CN-EXT character set.
>
> Today we were made aware of a 24-year-old vulnerability in GLIBC, which (in conjunction with PHP with ICONV support installed) could potentially be exploitable.
>
> For more information see https://nvd.nist.gov/vuln/detail/CVE-2024-2961 or watch this video on YouTube: https://youtu.be/kQdRT2odUIk
>
> At the time of the writing of this article no official fix for EL7, EL8 or EL9 has been released, so we worked out a workaround that disables the vulnerable ISO-2022-CN-EXT character set in GLIBC. That should be good enough until the time an official fix arrives.
>
> Updated "swatch" RPMs that contain this hotfix have been published for BlueOnyx 5209R, BlueOnyx 5210R and BlueOnyx 5211R.
>
> Code changes in Swatch to implement this:
>
> https://devel.blueonyx.it/trac/changeset?reponame=&new=5254%40%2F&old=5252%40%2F
>
> --
> With best regards
>
> Michael Stauber
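One way to confirm on a host that a workaround of the kind described in the quoted announcement has taken effect. This is an added example, not part of the original thread and not the BlueOnyx swatch code; the config paths, the `alias`/`module` line format with `#` comments, and all function names are assumptions for illustration.

```shell
#!/bin/sh
# Added example (not BlueOnyx code). Checks whether glibc still offers ISO-2022-CN-EXT.
# Assumption: gconv config uses "alias"/"module" lines and '#' for comments.

# Print active (uncommented) alias/module lines naming the charset in file $1.
active_cn_ext_lines() {
    grep -Ei '^[[:space:]]*(alias|module)[[:space:]].*ISO-?2022-?CN-?EXT' "$1"
}

# Read `iconv -l` output on stdin; succeed if the charset is still listed.
charset_listed() {
    grep -Eiq 'ISO-?2022-?CN-?EXT'
}

# Print "ENABLED <file>" for each given config file that still enables the
# charset. Returns 1 if any file does, 0 if none do.
scan_gconv_config() {
    rc=0
    for f in "$@"; do
        [ -f "$f" ] || continue
        if active_cn_ext_lines "$f" >/dev/null; then
            echo "ENABLED $f"
            rc=1
        fi
    done
    return "$rc"
}

# Full host check. Paths are assumed typical EL locations; adjust as needed.
check_host() {
    cfg=0
    scan_gconv_config /usr/lib64/gconv/gconv-modules \
        /usr/lib64/gconv/gconv-modules.d/*.conf || cfg=1
    # The runtime view matters too: a stale gconv-modules.cache can keep the
    # charset available after the config lines are commented out.
    if iconv -l 2>/dev/null | charset_listed; then
        echo "ENABLED at runtime (iconv -l still lists ISO-2022-CN-EXT)"
        return 1
    fi
    return "$cfg"
}

# Run the host check only when asked: sh check.sh --check
if [ "${1:-}" = "--check" ]; then
    check_host
    exit $?
fi
```

A non-zero exit from `--check` means the charset is still reachable through the config files, the runtime list, or both.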