Security Patch for Ghost (CVE-2015-023)

Home Forums User Contributions Uncategorized Security Patch for Ghost (CVE-2015-023)


This topic contains 2 replies, has 2 voices, and was last updated by  Andrew 3 years, 1 month ago.

  • Author
  • #777


    Is the OPI vulnerable to the “Ghost” security bug (CVE-2015-0235) (see:

    An extremely critical vulnerability affecting most Linux distributions gives attackers the ability to execute malicious code on servers used to deliver e-mail, host webpages, and carry out other vital functions. … The vulnerability in the GNU C Library (glibc) represents a major Internet threat, in some ways comparable to the Heartbleed and Shellshock bugs that came to light last year. … While a patch was issued two years ago, most Linux versions used in production systems remain unprotected at the moment.

    If the OPI is vulnerable to the Ghost bug, please put it at the top of the list for the next update.


  • #786
    Tor Krill
    Tor Krill

    Hi Andrew,

    OPI should be safe with regards to CVE-2015-023. We do run the latest Ubuntu GLIBC 2.19-0ubuntu6.4 and the Ghost bug should not be present in that.

    You can read some more about it here:


  • #791


    Great! Thanks, Tor!

    Suggestion: Create a security page that lists security bugs by popular name (e.g., Heartbleed, Shellshock, Ghost, etc.) and CVE designation and the status of OPI with regard to the vulnerabilities.

    Keep up the good work!


The forum ‘Uncategorized’ is closed to new topics and replies.

Posted in