Tstaff will be performing a department-wide reboot of Linux desktop machines at 5:30am tomorrow, Wednesday, January 20th, to apply an urgent security patch. Please be sure to log out of your machines before then.
A major vulnerability was announced today in versions 3.8 and higher of the Linux kernel. The details may be found here: http://perception-point.io/2016/01/14/analysis-and-exploitation-of-a-linux-kernel-vulnerability-cve-2016-0728/
Debian 8 "Jessie", which is what most of our desktop machines are currently running, uses the Linux 3.16 kernel. The announcement of the Debian patch is here: https://www.debian.org/security/2016/dsa-3448 Machines running Debian 7 "Wheezy" are not affected, as they use Linux 3.2.
We will follow up on an individual basis with owners of VMs that are running Debian 8 "Jessie" to schedule reboots.
As always, please email firstname.lastname@example.org with any questions or concerns.