On 27th January RedHat announced a vulnerability in the "glibc" package, which is a core package in the CentOS operating system on which we host our applications: https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2015-0235
What does this mean for Delib customers?
A patched version of glibc has now been released, and we performed updates on all of our servers with this between 17:40GMT and 18:20GMT on 28/1/15. This action removed the vulnerability altogether. A small amount of downtime (between 2 and 15 minutes) was experienced across all sites. Most clients will only have experienced a very short downtime of 2 minutes, but some Budget Simulators and Dialogue Apps experienced times closer to 15 minutes.
Has my site been compromised?
We are confident that none of our clients systems or data has been compromised, and will be running a post-mortem to attempt to confirm this on 29th January