Mitigating GHOST

As you may know there is a security advisory out against the GNU C library (glibc) that remote code execution is possible due to a buffer overrun in gethostbyname, a pretty commonly used function.

If you manage your own Linux systems, you should upgrade them. For the Raspberry Pi and Debian in general you should be able to do something like:

sudo apt-get update
sudo apt-get upgrade
sudo reboot

This will update your boot loader, operating system kernel, numerous utilities and all of the packages installed by apt-get on your system to the latest versions, not just the library to fix the bug, and takes at least, like, 30 minutes, longer if you have a relatively slow Internet connection and/or are using an SD card with a fairly low transfer speed.

On one of my Pis running fairly recent but not super recent Raspbian it pulled down 118 megabytes of data to update everything.

FlightAware will trigger this update and then reboot all PiAware sites running the SD card image that have not disabled automatic updating and all PiAware sites that have enabled automatic updating over the next 48 hours.

You can stop dump1090 and the update will go more quickly but we aren’t doing that during the automated updates in order to maximize ADS-B coverage time for the receivers.

Here is the list of the packages that got updated on my Pi. Your system may need more or fewer depending on what version it is running and whether or not you have installed additional packages.

  base-files curl epiphany-browser-data file gnome-themes-standard-data
  krb5-locales libavcodec53 libavutil51 libc-bin libc-dev-bin libc6 libc6-dev
  libcurl3 libcurl3-gnutls libevent-2.0-5 libgssapi-krb5-2 libjasper1
  libjavascriptcoregtk-3.0-0 libk5crypto3 libkrb5-3 libkrb5support0 libmagic1
  libmysqlclient18 libpixman-1-0 libraspberrypi-bin libraspberrypi-dev
  libraspberrypi-doc libraspberrypi0 libssl1.0.0 libwebkitgtk-3.0-0
  libwebkitgtk-3.0-common locales mime-support multiarch-support mysql-common
  openssl perl perl-base perl-modules python-picamera python-rpi.gpio
  python3-picamera python3-rpi.gpio raspberrypi-bootloader raspi-config tzdata
  unzip xdg-utils

just updated the stuff.
reboot took 45 seconds, and i am back again…

If I run the “Upgrade Everything” from the user web page will that force my PiAware to upgrade the necessary files ?