Cloud security company Qualys announced Tuesday the issues prevalent in glibc since version 2.2 introduced in 2000-11-10 (the complete Qualys announcement may be viewed here). The vulnerability, CVE-2015-0235, has been dubbed “GHOST.”
As the announcement from Qualys indicates, it is believed that MySQL and by extension Percona Server are not affected by this issue.
Percona is in the process of conducting our own review into the issue related to the Percona Server source code – more information will be released as soon as it is available.
In the interim the current advisory is to update your glibc packages for your distributions if they are in fact vulnerable. The C code from the Qualys announcement may aid in your diagnostics, section 4 of …
[Read more]