Worried about GHOST? Don’t be, on supported Fedora versions.

There’s a quite serious security vulnerability making the news today (ZDNet, Ars Technica), CVE-2015-0235, nicknamed “GHOST”. It happens that this flaw was fixed in glibc-2.18 (but quietly, and the full implications don’t seem to have been widely noticed). That means that Fedora 20 and Fedora 21 are not vulnerable to this problem, because they shipped with newer versions than that — but note that Fedora 19 and before are. If you are running an old release, and haven’t yet gotten around to updating, this is an excellent time to do so.

(If you’re running one of our downstream distributions, or are just curious, see Red Hat’s security advisory for CVE-2015-0235 for RHEL.)

Using Software

2 Comments

  1. Doug

    I’m wondering where updates are for fedora 19 concerning this exploit. I’ve patched, and stay updated, but there is little information about whether this version is still vulnerable. Fedora 19 is still supported correct? There should be updated packages, but the tests I try say the system is vulnerable and there are no patches. Should Fedora 19 not be considered supported?

Comments are Closed

The opinions expressed on this website are those of each author, not of the author's employer or of Red Hat. Fedora Magazine aspires to publish all content under a Creative Commons license but may not be able to do so in all cases. You are responsible for ensuring that you have the necessary permission to reuse any work on this site. The Fedora logo is a trademark of Red Hat, Inc. Terms and Conditions