[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[ale] critical bash security bug in the wild
Looks like updates are there for CentOS
You should 'yum update' as soon as possible to resolve this issue.
Here's why you should care:
https://securityblog.redhat.com/2014/09/24/bash-specially-crafted-environment-variables-code-injection-attack/
Links to the centos updates:
CentOS-5:http://lists.centos.org/pipermail/centos-announce/2014-September/020582.html
CentOS-6:http://lists.centos.org/pipermail/centos-announce/2014-September/020585.html
CentOS-7:http://lists.centos.org/pipermail/centos-announce/2014-September/020583.html
On Wed, Sep 24, 2014 at 5:43 PM, Chuck Payne <terrorpup at gmail.com> wrote:
> I was just abot to ask if there is a fix for CentOS6 as it there.
>
>
> https://securityblog.redhat.com/2014/09/24/bash-specially-crafted-environment-variables-code-injection-attack/
>
> env x='() { :;}; echo vulnerable' bash -c "echo this is a test"
> vulnerable
> this is a test
>
>
> On Wed, Sep 24, 2014 at 5:37 PM, David Ritchie <deritchie at gmail.com>
> wrote:
>
>> https://access.redhat.com/articles/1200223?sc_cid=70160000000e8eaAAA&;
>>
>> Also seen in Solaris - there is probably others...
>>
>>
>> -- David
>> -------------- next part --------------
>> An HTML attachment was scrubbed...
>> URL: <
>> http://mail.ale.org/pipermail/ale/attachments/20140924/8fd72427/attachment.html
>> >
>> _______________________________________________
>> Ale mailing list
>> Ale at ale.org
>> http://mail.ale.org/mailman/listinfo/ale
>> See JOBS, ANNOUNCE and SCHOOLS lists at
>> http://mail.ale.org/mailman/listinfo
>>
>
>
>
> --
> Terror PUP a.k.a
> Chuck "PUP" Payne
>
> 678 636 9678
> -----------------------------------------
> Discover it! Enjoy it! Share it! openSUSE Linux.
> -----------------------------------------
> openSUSE -- Terrorpup
> openSUSE Ambassador/openSUSE Member
> skype,twiiter,identica,friendfeed -- terrorpup
> freenode(irc) --terrorpup/lupinstein
> Register Linux Userid: 155363
>
> Have you tried SUSE Studio? Need to create a Live CD, an app you want to
> package and distribute , or create your own linux distro. Give SUSE Studio
> a try.
>
>
--
Terror PUP a.k.a
Chuck "PUP" Payne
678 636 9678
-----------------------------------------
Discover it! Enjoy it! Share it! openSUSE Linux.
-----------------------------------------
openSUSE -- Terrorpup
openSUSE Ambassador/openSUSE Member
skype,twiiter,identica,friendfeed -- terrorpup
freenode(irc) --terrorpup/lupinstein
Register Linux Userid: 155363
Have you tried SUSE Studio? Need to create a Live CD, an app you want to
package and distribute , or create your own linux distro. Give SUSE Studio
a try.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mail.ale.org/pipermail/ale/attachments/20140924/66f138d6/attachment.html>