Yesterday Qualys announced a vulnerability in all versions of the GNU C library (glibc). The actual vulnerability involves a buffer overflow during DNS hostname resolution. Disclosure of this vulnerability was timed to coordinate with the release of patches by the various operating systems.
encylia’s servers were all patched last night, and have been rebooted to ensure that the vulnerable version of glibc is no longer being used on the systems involved.
The solution for both Red Hat and CloudLinux is simple:
yum update glibc -y
Once the update has been applied and the reboot is complete, your server is patched. If you want to double-check that it is patched, you can check the change log for glibc for the CVE with this command:
rpm -q --changelog glibc | grep CVE-2015-0235
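The changelog check only confirms what is installed on disk. To confirm that no running process still has the replaced library loaded (the reason for the reboot), the following added example, which is not part of the original post, scans /proc for processes that still map a deleted glibc file. The function names stale_glibc_pids and report_stale_glibc are made up for this example; it assumes a Linux /proc filesystem and should be run as root so that every process's maps file is readable.

```shell
#!/bin/sh
# Added example: find processes still running on the pre-update glibc.
# After "yum update glibc" the old library file is unlinked, so a process
# that loaded it earlier shows the mapping as "(deleted)" in /proc/<pid>/maps.

# stale_glibc_pids [PROC_ROOT]
# Prints one PID per line for each process mapping a deleted libc-<ver>.so
# or libc.so.<n>. PROC_ROOT defaults to /proc; the parameter exists so the
# function can be pointed at a constructed directory tree.
stale_glibc_pids() {
    sgp_root="${1:-/proc}"
    for sgp_maps in "$sgp_root"/[0-9]*/maps; do
        [ -r "$sgp_maps" ] || continue          # unreadable, or glob did not match
        sgp_pid="${sgp_maps%/maps}"
        sgp_pid="${sgp_pid##*/}"
        # Matches /lib64/libc-2.12.so (deleted) and /lib64/libc.so.6 (deleted),
        # but not other libraries such as libcrypto.
        if grep -Eq '/libc(-[0-9.]+)?\.so[^ /]* \(deleted\)$' "$sgp_maps" 2>/dev/null; then
            echo "$sgp_pid"
        fi
    done
}

# report_stale_glibc [PROC_ROOT]
# Prints "PID<TAB>command name" for each stale process found.
report_stale_glibc() {
    rsg_root="${1:-/proc}"
    for rsg_pid in $(stale_glibc_pids "$rsg_root"); do
        rsg_name=$(cat "$rsg_root/$rsg_pid/comm" 2>/dev/null || echo '?')
        printf '%s\t%s\n' "$rsg_pid" "$rsg_name"
    done
}

# Scan the live system only when asked: sh check_glibc.sh --report
if [ "${1:-}" = "--report" ]; then
    report_stale_glibc
fi
```

An empty report after the update means nothing is still using the old library; any PID listed needs its service restarted, or the server rebooted.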