On 2/18/16, the National Vulnerability Database (NVD) announced the CVE 2015-7547 vulnerability. This vulnerability affects the GNU C library on Linux operating systems.
Code42 Response to CVE 2015-7547
The Code42 cloud, Code42 server software, and Code42 CrashPlan app are not affected by the information exposed in National Vulnerability Database (NVD) CVE 2015-7547.
On-Premises Code42 Servers
If you are a Managed Pricate Cloud (MPC) customer, Code42 has already contacted you about updating your server operating system.
While Code42 products are not directly affected by this vulnerability, if your Code42 servers use the Linux operating system, they are vulnerable to the information exposed in National Vulnerability Database (NVD) CVE 2015-7547 until the operating system is patched and a complete reboot takes place.
Risk to affected systems is based on customer DNS configuration, but acting as a DNS client to an already secured DNS server should have no actual exposure.
We recommend contacting your system administrator about any required updates to the operating system. If you need assistance rebooting your Code42 server after updates are applied, contact our Code42 Customer Champions.
The Code42 Team