WHAT'S HAPPENING?
TSO Linux core critical services, research systems, and instructional systems will be intermittently unavailable, including DNS, LDAP, home directories, and the main web sites for CoC, CS, CSE, and IC.
WHEN IS IT HAPPENING?
Wednesday, January 28, 2015, starting at 7:30 AM. The maintenance is expected to be completed by 5:00 PM, January 28, 2015.
WHY IS IT HAPPENING?
A highly critical vulnerability in the GNU C Library (glibc) affecting versions between 2.2 and 2.17 has been announced. Dubbed the GHOST vulnerability, it allows attackers to remotely take complete control of a vulnerable system without needing any prior knowledge of system credentials. TSO will patch and reboot the affected TSO-managed systems.
Additional details regarding the vulnerability are available at
http://community.qualys.com/blogs/laws-of-vulnerabilities/2015/01/27/the-ghost-vulnerability
and
http://arstechnica.com/security/2015/01/highly-critical-ghost-allowing-code-execution-affects-most-linux-systems/
and
http://www.openwall.com/lists/oss-security/2015/01/27/9
WHO IS AFFECTED?
All users of CoC Linux core services, research systems, and instructional systems. This will not affect Windows servers.
WHAT DO YOU NEED TO DO?
Affected users should save their work frequently and be prepared for service interruption during the maintenance period. Staggered reboots will take place to minimize DNS resolution issues. If this emergency maintenance will cause undue hardship, please let TSO know as soon as possible by contacting the TSO Help Desk.
WHO SHOULD YOU CONTACT FOR QUESTIONS?
TSO Help Desk (CCB 148, 404.894.7065, helpdesk@cc.gatech.edu).
Owner of Alert
TSO