Wednesday, 28 January 2015

Mahara Disruption. Today 28th Jan!

Due to the recent news about the GHOST security vulnerability in Linux GNU Library, ULCC, our Mahara service provider will be patching their servers today between 2-5PM GMT to secure this threat.

Any outage shouldn't take too long as it's just a rolling restart of servers.

Here is the further communication from our suppliers.


Yesterday a major security hole, GHOST (CVE-2015-0235) <> , in the Linux GNU C Library (glibc) was identified by researchers at cloud security company Qualys. This vulnerability enables hackers to remotely take control of systems without even knowing any system IDs or passwords.

Following analysis today by our Linux team we need to apply patches to all Linux servers to remove this vulnerability. Unfortunately as this patches glibc, the GNU C library, it requires a system restart to implement as the files are in use by numerous processes running on the systems. The patching process is likely to cause a service outage of up to five minutes while the system is restarted, meaning your site/service will be unavailable during this time.

The patching process will take place today, 28 January 2015, between 2-5pm. We apologise for the short notice, but feel urgent action is required considering the severity of the threat.


We will update with more information as we receive it.

No comments:

Post a Comment