It seems there is a critical flaw in the glibc library used to compile C programs that can be used to execute malicious code on a remote machine. The best way to be safe is to use C programs compiled only with safe versions of glibc or to setup your firewall to drop DNS UDP packets bigger than 512 bytes and to allow only 1024 bytes long TCP DNS replies.
Everything is detailed in this article: https://thehackernews.com/2016/02/glibc-linux-flaw.html
I just installed Yunohost over a fresh install of Debian 8. Is this still something to be concerned about, or has it been dealt with by updates at this stage?
It seems to me that glibc has now been patched and the new version has already been made available by all the major distros, so you're fine