STOCKHOLM, SWEDEN. 2016-02-19, by Andreas Åsander
Clavister solutions not affected – here’s what you need to know
About the vulnerability
On Tuesday the 16:th of February 2016 the google security team discovered a critical buffer overflow vulnerability in glibc (CVE-2015-7547 and CVE-2015-5229).
Due to this vulnerability a remote attacker could create a DNS response which could cause libresolv to crash or, potentially, execute malicious code (CVE-2015-7547). The google team also discovered critical flaws that could result in unexpected application behavior such as hangs or crashes. (CVE-2015-5229)
The good news
Clavister products are not affected by this vulnerability since Clavister does not include or use glibc in its products that would expose the systems to this critical issue.