RHEL has an update out.<br><a href="https://rhn.redhat.com/errata/RHSA-2015-0090.html">https://rhn.redhat.com/errata/RHSA-2015-0090.html</a><br><div><a href="https://rhn.redhat.com/errata/RHSA-2015-0092.html">https://rhn.redhat.com/errata/RHSA-2015-0092.html</a><br></div><div><br></div><div>Note that you need to reboot after updating glibc.</div><div><br></div><div>Well, technically instead of rebooting, you could do something like "lsof | grep lib | grep DEL" to find everything using old version of libraries that have been updated, and restart anything that could be persuaded into doing a DNS lookup (anything accessible to the world). But, really, there's so many things that you're probably better off just rebooting.</div><br><div class="gmail_quote">On Tue Jan 27 2015 at 2:24:49 PM Omar Eljumaily <<a href="mailto:omar@omnicode.com">omar@omnicode.com</a>> wrote:<br><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex">Good 'ol RHEL/Centos still seems to be vulnerable.<br>
<br>
On 1/27/2015 2:08 PM, <a href="mailto:gandalf@sonic.net" target="_blank">gandalf@sonic.net</a> wrote:<br>
> <a href="http://www.openwall.com/lists/oss-security/2015/01/27/9" target="_blank">http://www.openwall.com/lists/<u></u>oss-security/2015/01/27/9</a><br>
><br>
> ______________________________<u></u>_________________<br>
> talk mailing list<br>
> <a href="mailto:talk@nblug.org" target="_blank">talk@nblug.org</a><br>
> <a href="http://nblug.org/cgi-bin/mailman/listinfo/talk" target="_blank">http://nblug.org/cgi-bin/<u></u>mailman/listinfo/talk</a><br>
<br>
______________________________<u></u>_________________<br>
talk mailing list<br>
<a href="mailto:talk@nblug.org" target="_blank">talk@nblug.org</a><br>
<a href="http://nblug.org/cgi-bin/mailman/listinfo/talk" target="_blank">http://nblug.org/cgi-bin/<u></u>mailman/listinfo/talk</a><br>
</blockquote></div>