Print
Category: TufinOS

Please update your TufinOS


Google Security has found a vulnerability in glibc, a commonly used library:
https://googleonlinesecurity.blogspot.co.il/2016/02/cve-2015-7547-glibc-getaddrinfo-stack.html

A remote attacker could create a specially crafted DNS response which could cause libresolv to crash or, potentially, execute code with the permissions of the user running the library.

Tufin points out, that a patch is needed for TufinOS 2.10:

Tufin has published a patch for TufinOS 2.10:
https://portal.tufin.com/Doc/Default.aspx?id=1169

Please install this patch. If necessary, carry out an update before so the patch can be installed.