<html>
<head>
<meta content="text/html; charset=windows-1252"
http-equiv="Content-Type">
</head>
<body text="#000000" bgcolor="#FFFFFF">
<br>
<div class="moz-cite-prefix">On 01/29/2015 11:18 AM, Ovidiu Calbajos
wrote:<br>
</div>
<blockquote
cite="mid:CAC-KA36cPqNg9y20hRAu3LTq-_+tm5AC6D4SeCYdA-fDE+6Fqg@mail.gmail.com"
type="cite">
<meta http-equiv="Content-Type" content="text/html;
charset=windows-1252">
<div dir="ltr">Hello,
<div><br>
</div>
<div>Today one of our customers informed us that his container
was not able to upgrade to the latest libc6 in order to avoid
the GHOST vulnerability CVE-2015-0235. Searching the internet
was without any positive result. What I found out was that
libc-bin, libc6, libc6-dev and libc-dev-bin were configured to
be downloaded from a PPA( <a moz-do-not-send="true"
href="http://ppa.launchpad.net/izx/ovz-libc/ubuntu">http://ppa.launchpad.net/izx/ovz-libc/ubuntu</a>
) and not from the Canonical's update servers. So what was to
remove the files
/etc/apt/sources.list.d/izx-ovz-libc-precise.list and
/etc/apt/preferences.d/99ovz-libc-pin and do an update/upgrade
to the VPS which resulted in updating the libc6 to the latest
version available for Ubuntu 12.04 which is 2.15-0ubuntu10.10.</div>
<div>Hopefully this message will help other users update the
libc6 library on their containers or customer's containers.</div>
<div><br>
</div>
<div>Best regards,</div>
<div>Ovidiu Calbajos</div>
<br>
</div>
</blockquote>
<br>
Interesting. Where did you get that template? Official OpenVZ
template<br>
doesn't have this PPA configured, using standard glibc from the
default repo.<br>
<br>
Kir.<br>
</body>
</html>