Univention has released patches for the “GHOST” CVE-2015-0235 security
vulnerability for UCS.
If your UCS maintenance is current you will have received detailed
“errata” announcement emails for the updates. These apply for UCS 4.0
and UCS 3.2 which are currently under maintenance.
In all cases it is recommended that you apply the patches as soon as possible. Then check that the patches are installed and operating as expected.
If you did not receive the errata announcement emails you can see the core errata information here:
UCS 4.0
http://errata.univention.de/ucs/4.0/49.html
UCS 3.2.x
http://errata.univention.de/ucs/3.2/278.html
UCS 3.1, 3.0, 2.4 and earlier are outside the normal maintenance contract time window and these patches don’t apply to them. In most cases there is no reason to run these older versions and naturally you should upgrade from these versions as soon as possible. However, if this is not possible Univention offer an Extended Security Maintenance subscription. Please read more about this option here.
If you need help to work through these issues please don’t hesitate to make contact with the CustomTech support team https://www.custom.tech/support/.
