Security: How We Are Responding to the Ghost Vulnerability

Rocco the Security Guard

Excuse us while our Operations team does some Ghostbusting. A recently disclosed security flaw, given the name Ghost but officially known as CVE-2015-0235, has triggered our security response process.

At this point, we have evaluated the impact of the flaw and are now actively working on ensuring that it is not present in any of our systems. Currently there is no known public exploit for the vulnerability, but it is only a matter of time before that changes. We are aiming to complete these updates and restarts as quickly as possible and well before that time comes.

The Ghost vulnerability is a bug in versions 2.2 to 2.17 of the glibc library, which provides many of the system-level functions that Linux applications rely on. The name comes from the affected function, gethostbyname, which can be tricked into running remote code. There are also a number of mitigating factors which, where they apply, stop the function being open to abuse.

Many of those factors apply to the Compose systems, but for the maximum levels of confidence the safest fix is to update to version 2.18 or later of glibc. Because glibc is used by so many applications including core system processes, the only way to be sure that the update has taken is to restart systems once the update has been applied.
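The two checks that follow from that paragraph are "is the glibc on disk now outside the affected range?" and "is any long-running process still using the old library it loaded at start-up?". The script below is an added example of how an administrator might answer both on a Linux host after applying the update; it is not Compose's own tooling, and the function names, the banner formats it parses and the `(deleted)` convention in `/proc/PID/maps` are the assumptions it is built on.

```shell
#!/bin/sh
# Added example (not Compose's own tooling): a post-update check for CVE-2015-0235.
# It answers two questions a defender has after running the package update:
#   1. Is the glibc now on disk outside the affected 2.2..2.17 range?
#   2. Are any running processes still holding the old, replaced libc mapped?
# Question 2 is why the post says systems must be restarted: a process keeps using
# the library it loaded at start-up until it is restarted, whatever is now on disk.

# Extract "MAJOR.MINOR" from a version banner such as "glibc 2.17",
# "ldd (GNU libc) 2.17" or "ldd (Ubuntu EGLIBC 2.15-0ubuntu10.7) 2.15".
parse_glibc_version() {
    last=${1##* }                      # last whitespace-separated field
    case "$last" in
        [0-9]*.[0-9]*) ;;
        *) return 1 ;;
    esac
    major=${last%%.*}
    minor=${last#*.}
    minor=${minor%%[!0-9]*}            # drop any patch level or suffix, e.g. "17.1" -> "17"
    printf '%s.%s\n' "$major" "$minor"
}

# Return 0 when version MAJOR.MINOR lies in the Ghost range 2.2 <= v <= 2.17.
glibc_version_affected() {
    major=${1%%.*}
    minor=${1#*.}
    minor=${minor%%[!0-9]*}
    if [ "$major" -eq 2 ] && [ "$minor" -ge 2 ] && [ "$minor" -le 17 ]; then
        return 0
    fi
    return 1
}

# Version of the glibc currently installed on disk; fails if it cannot be
# determined (for example on a musl-based system without getconf/ldd).
installed_glibc_version() {
    if command -v getconf >/dev/null 2>&1; then
        banner=$(getconf GNU_LIBC_VERSION 2>/dev/null) && parse_glibc_version "$banner" && return 0
    fi
    if command -v ldd >/dev/null 2>&1; then
        banner=$(ldd --version 2>/dev/null | head -n 1) && parse_glibc_version "$banner" && return 0
    fi
    return 1
}

# Print "PID COMM" for every process still mapping a libc whose file has been replaced.
# Such processes keep running the old code and are what the restarts are for.
processes_using_stale_libc() {
    for maps in /proc/[0-9]*/maps; do
        pid=${maps#/proc/}
        pid=${pid%/maps}
        # A replaced shared object shows up in the map as "<path> (deleted)".
        if grep -q '/libc[-.][^ ]* (deleted)$' "$maps" 2>/dev/null; then
            comm=$(cat "/proc/$pid/comm" 2>/dev/null || echo '?')
            printf '%s %s\n' "$pid" "$comm"
        fi
    done
}

main() {
    ver=$(installed_glibc_version) || ver=''
    if [ -z "$ver" ]; then
        echo "glibc version: unknown (not a glibc system, or getconf/ldd missing)"
    elif glibc_version_affected "$ver"; then
        echo "glibc version: $ver -> in the affected range 2.2-2.17; update to 2.18 or later"
    else
        echo "glibc version: $ver -> outside the affected range"
    fi

    stale=$(processes_using_stale_libc)
    if [ -n "$stale" ]; then
        echo "processes still using a replaced libc (restart these, or reboot):"
        printf '%s\n' "$stale"
    else
        echo "no running process maps a replaced libc"
    fi
    return 0   # informational report; the printed lines carry the verdict
}

main "$@"
```

One caveat a practitioner should keep in mind: the version test is only a first approximation, because distributions such as RHEL and CentOS shipped the fix as a backported patch without changing the glibc version number. On those systems the package changelog (for example `rpm -q --changelog glibc | grep CVE-2015-0235`) is the authoritative check, and the `/proc` scan for replaced mappings still tells you which processes have not yet picked up whatever was installed.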

This is why customers will see some deployments being restarted. Customers who are correctly configured to use the high availability features of their database deployments should not notice any interruption to their regular workflow. We'll also make sure to contact any customers whose restarts may need to be coordinated with them.

If you have any questions or concerns about this, please do get in touch. The most effective ways are by email to support@compose.io or using the integrated support system in your Compose dashboard.