Joern, yes, that's what's happening, the new libnss_dns is being dynamically loaded (dlopen'ed) but ends up querying the older libresolv/libc, and there was mistakenly an ABI change introduced to cope with CVE-2015-5180.
There are currently test glibc/eglibc packages building in the https://launchpad.net/~ubuntu-security-proposed/+archive/ubuntu/ppa/ that revert this change (as it breaks other things, see bug 1674532). Unfortunately, when the reversion is issued, that will likely mean needing to restart you php-fpm processes again. :( I'm terribly sorry about that.
Joern, yes, that's what's happening, the new libnss_dns is being dynamically loaded (dlopen'ed) but ends up querying the older libresolv/libc, and there was mistakenly an ABI change introduced to cope with CVE-2015-5180.
There are currently test glibc/eglibc packages building in the https:/ /launchpad. net/~ubuntu- security- proposed/ +archive/ ubuntu/ ppa/ that revert this change (as it breaks other things, see bug 1674532). Unfortunately, when the reversion is issued, that will likely mean needing to restart you php-fpm processes again. :( I'm terribly sorry about that.