[olug] Bash Bug Info
Lou Duchez
lou at paprikash.com
Thu Sep 25 08:55:00 CDT 2014
That's a real good point -- I am a little distressed at how these
vulnerability alerts have demonstrated exactly how to perform the
exploit, so now it's a race between those of us who have just been
informed that we need to patch our systems, and those who have just been
informed HOW to attack our systems.
I think the patch just now became available for Fedora.
> Has anyone ever thought that a vulnerability announcement like this, would
> be an efficient way to deliver another vulnerability inside the package,
> and guarantee that most will install it on their systems?
>
> On Thu, Sep 25, 2014 at 6:26 AM, Brian Roberson <roberson at bstc.net> wrote:
>
>> Busy day for all us sys admins.
>>
>> Quick vulnerability check:
>>
>> env x='() { :;}; echo vulnerable' bash -c 'echo hello'
>>
>>
>> if you get anything but an error, you need to patch quickly!
>>
>>
>> http://www.theregister.co.uk/2014/09/24/bash_shell_vuln/
>> _______________________________________________
>> OLUG mailing list
>> OLUG at olug.org
>> https://lists.olug.org/mailman/listinfo/olug
>>
> _______________________________________________
> OLUG mailing list
> OLUG at olug.org
> https://lists.olug.org/mailman/listinfo/olug
More information about the OLUG
mailing list