FYI... Received this security update from Vertica:
Security Update
Ted Manka <ted.manka@hp.com>
Mon 3/16/2015 12:21 PM
To:
Knicely, Jim;
To help protect your privacy, some content in this message has been blocked. To re-enable the blocked features, click here.
To always show content from this sender, click here.
Action Items
Dear Support Contact,
HP Vertica is affected by the Ghost glibc vulnerability.
The Ghost glibc vulnerability affects most Linux distributions and gives attackers the ability to execute malicious code on servers used to deliver e-mail, host webpages, and carry out other vital functions.
From US-CERT (https://www.us-cert.gov/ncas/current-ac ... nerability):
"The Linux GNU C Library (glibc) versions 2.2 and other 2.x versions before 2.18 are vulnerable to remote code execution via a vulnerability in the gethostbyname function. Exploitation of this vulnerability may allow a remote attacker to take control of an affected system.
US-CERT recommends users and administrators refer to their respective Linux or Unix-based OS vendor(s) for an appropriate patch if affected. Patches are available from Ubuntu (link is external), Red Hat (link is external), and Debian. The GNU C Library versions 2.18 and later are also available for experienced users and administrators to implement."
As always please make any changes to your development/QA regions and test with full production load before migrating any changes into production clusters.
Periodically HP Vertica may identify significant security vulnerabilities in the software or components we depend upon. We will make every effort to proactively notify customers of affected versions and will do our best to provide workarounds while we address the problem. If you want to opt out of these notifications, please notify the HP Vertica Technical Support team.
We will be releasing new AMI/VM images with the updated libraries. You can manually patch your VMWare image or AMI if you want to address this issue before the images are available.
Thank you,
Follow us on twitter, @verticahelp
HP Vertica is affected by the Ghost glibc vulnerability
Moderator: NorbertKrupa
- JimKnicely
- Site Admin
- Posts: 1825
- Joined: Sat Jan 21, 2012 4:58 am
- Contact:
HP Vertica is affected by the Ghost glibc vulnerability
Post by JimKnicely » Mon Mar 16, 2015 5:53 pm
Jim Knicely
Note: I work for Vertica. My views, opinions, and thoughts expressed here do not represent those of my employer.
Note: I work for Vertica. My views, opinions, and thoughts expressed here do not represent those of my employer.
Return to “Vertica and the Operating System”
Jump to
- General
- ↳ Welcome to vertica-forums.com!
- ↳ Board Announcements
- ↳ Request for New Forums Categories
- ↳ Announcements, Events and Activities
- ↳ Vertica Links
- ↳ General
- ↳ Employment
- ↳ Vertica Certification
- Newbie
- ↳ New to Vertica
- ↳ New to Vertica Database Administration
- ↳ New to Vertica Database Development
- ↳ New to Vertica SQL
- Using Vertica
- ↳ Vertica Database Administration
- ↳ Vertica Database Development
- ↳ Vertica SQL
- ↳ Vertica SQL Functions
- ↳ Vertica Database Designer (DBD)
- ↳ Vertica User Defined Functions (UDFs)
- ↳ Vertica External Procedures
- ↳ Vertica Analytics
- ↳ Vertica Management Console
- ↳ Vertica Error Codes
- ↳ Vertica Backup & Recovery
- ↳ Vertica Installation
- ↳ Vertica Security
- ↳ Vertica Performance Tuning
- ↳ Vertica Administration Tools
- ↳ Vertica Upgrade
- ↳ Vertica Migration
- ↳ Vertica and the Operating System
- ↳ Vertica Data Load
- ↳ Vertica Tips, Lessons and Examples
- ↳ Vertica "How to..."
- Connecting to Vertica
- ↳ ADO.NET
- ↳ Cognos
- ↳ DBeaver
- ↳ dbVisualizer
- ↳ HDFS Connector
- ↳ Hadoop Connector
- ↳ HCatalog Connector
- ↳ Informatica PowerCenter
- ↳ JDBC
- ↳ Microsoft SQL Server Analysis Services (SSAS)
- ↳ MicroStrategy
- ↳ Microsoft SQL Server Integration Services (SSIS)
- ↳ ODBC
- ↳ Perl
- ↳ PHP
- ↳ Python
- ↳ R Language Integration
- ↳ Rhapsody Interface Engine
- ↳ SQL Workbench/J
- ↳ SQuirreL SQL Client
- ↳ Talend
- ↳ Tableau
- ↳ Toad for Data Analysts
- ↳ Vertica SDK API
- ↳ VoltDB
- ↳ vSQL
- Vertica Portfolio
- ↳ Vertica Premium Edition
- ↳ Vertica Express Edition
- ↳ Vertica Community Edition
- ↳ Vertica SQL on Hadoop
- ↳ Vertica in the AWS Cloud
- ↳ Vertica on Microsoft Azure
- All times are UTC+01:00
- Top
- Delete all board cookies
Powered by phpBB ® | phpBB3 theme by KomiDesign