Comment 6 for bug 1674733

Steve Beattie (sbeattie) wrote :

Joern, yes, that's what's happening, the new libnss_dns is being dynamically loaded (dlopen'ed) but ends up querying the older libresolv/libc, and there was mistakenly an ABI change introduced to cope with CVE-2015-5180.

There are currently test glibc/eglibc packages building in the https://launchpad.net/~ubuntu-security-proposed/+archive/ubuntu/ppa/ that revert this change (as it breaks other things, see bug 1674532). Unfortunately, when the reversion is issued, that will likely mean needing to restart you php-fpm processes again. :( I'm terribly sorry about that.