Hi,
Is there any guidance for patching the DNS vulnerability for Nagios XI virtual appliances?
thanks!
CVE-2015-7547
Re: CVE-2015-7547
yum update will do it, assuming you have access.
Or you could yum install glibc if you don't want to update everything.
You'll want to make sure you have glibc-2.12-1.166
Or you could yum install glibc if you don't want to update everything.
You'll want to make sure you have glibc-2.12-1.166
Former Nagios Employee.
me.
me.
Re: CVE-2015-7547
Hi hsmith,
We are located in a secure facility and none of our servers talk to the outside world (i.e. no access). We do roll a yum repo but we downloaded Nagios XI as an appliance. I'm not even sure what operating system it is.
Is there any documentation, like a walk through maybe; of fixing the vulnerability manually?
Any advice?
Ben
We are located in a secure facility and none of our servers talk to the outside world (i.e. no access). We do roll a yum repo but we downloaded Nagios XI as an appliance. I'm not even sure what operating system it is.
Is there any documentation, like a walk through maybe; of fixing the vulnerability manually?
Any advice?
Ben
Re: CVE-2015-7547
This would need to be addressed by your networking team. The repo will need the updated glibc, and then you can do the yum update from there. The OS should be some version of CentOS, depending on how old the XI server is. You can get it by running cat /etc/*release* on the command line.
Former Nagios employee
Re: CVE-2015-7547
We don't connect our PCs to the internet so we can't really yum update. And I don't want to try to run down all the dependencies for patching glibc. And rolling a CentOS repo isn't really an option for us.
Virtual appliances can sort of skid by at our site because we get them from directly from the vendor.
I really don't want to try patching this thing without some Nagios support. What if something breaks? We depend on Nagios a lot. Its been awesome the past year because it just works but this DNS thing is a big deal and I'd really like some guidance.
Do I have any options?
thanks
Virtual appliances can sort of skid by at our site because we get them from directly from the vendor.
I really don't want to try patching this thing without some Nagios support. What if something breaks? We depend on Nagios a lot. Its been awesome the past year because it just works but this DNS thing is a big deal and I'd really like some guidance.
Do I have any options?
thanks
Re: CVE-2015-7547
I would take a VM snapshot if you are concerned about things breaking, but beyond that I do not have any RPM or script to give you to patch this. There are various articles around about how to handle offline patching:
https://access.redhat.com/discussions/1340433
http://www.linuxquestions.org/questions ... ms-921073/
https://www.centos.org/forums/viewtopic.php?t=17022
But if a local repo is not possible, you will need to work with your systems/networking/security teams to get this resolved.
https://access.redhat.com/discussions/1340433
http://www.linuxquestions.org/questions ... ms-921073/
https://www.centos.org/forums/viewtopic.php?t=17022
But if a local repo is not possible, you will need to work with your systems/networking/security teams to get this resolved.
Former Nagios employee