Hello,

are there any information about the ramifications of the CVE-2015-7547 (glibc getaddrinfo() stack-based buffer overflow) exploit in Open-E DSS V7?
VMware, Zyxel, Citrix and even Synology have already made updated firmwares/patches for most of their affected appliances.

What’s the Status with Open-E DSS V7? Is it affected? Are there any workarounds? Is there an ETA for updated/patched Version?

I can’t find any information about this exploit in the Open-E Website, full disclosure was over a week ago. That’s a pretty long time for a security hazardous situation.

Cheers,
aradriel

[1]https://sourceware.org/ml/libc-alpha/2016-02/msg00416.html