VyOS Platform Blog

CVE-2015-7547

Written by Daniil Baturin | February 16, 2016 10:44:51 PM Z

We know you are concerned (or should be concerned) with the vulnerability in glibc’s getaddrinfo() that allows remote code execution via specially crafted DNS response.

We are aware of it and are working of it. New maintenance release should be available tomorrow.

Until then, you can either update glibc from the squeeze-lts repos directly, or configure your firewall to limit DNS packet size to 2048 bits.