Ubuntu splats TITSUP bug spread in update
Fat-thumbed DNS patch unpatched, time to re-patch
A simple library update turned into a white-knuckle ride for Ubuntu sysadmins, who have lit up Reddit and StackOverflow to complain that their 'net connections went TITSUP (Total Inability To Support Usual Performance).
The guilty code is an upgrade to
libc6 which broke the
getaddrinfo() function in Ubuntu's DNS resolver code.
Because it auto-installed as an unattended upgrade, many of the comments in this Reddit thread came from people burned by the bug when they arrived at work in the morning.
There are two bug reports for the issue, which has been narrowed down to code fixing CVE-2015-5180, a null pointer in DNS resolver code used throughout the Linux world.
It's explained in detail by Steve Beattie here: “The new libnss_dns is being dynamically loaded (dlopen'ed) but ends up querying the older libresolv/libc, and there was mistakenly an ABI change introduced to cope with CVE-2015-5180.”
Ubuntu has since rolled back that fix, so sysadmins can now re-patch
libc6 and associated libraries to get their DNS fixed. ®
Sponsored: Becoming a Pragmatic Security Leader