 A long-standing vulnerability unearthed in the GNU Bash software, nicknamed Shellshock, has disrupted the daily activities of the Linux system administrator community, as Linux distributors, cloud vendors and end users grapple to understand the full scope of the potential damage it could cause. Read full story here: http://www.computerworld.com/article/2687983/shellshock-flaws-roils-linux-server-shops.html Geeks, making the world a better place |
Another article on Shellshock: http://www.networkworld.com/article/2687953/security0/bigger-than-heartbleed-shellshock-flaw-leaves-os-x-linux-more-open-to-attack.html Geeks, making the world a better place |
My servers are patched already. Thanks for posting this just in case others haven't seen or heard about the vulnerability. :) Jeremy |
yup just fixed it on my vps. Received an email from provider too. |
RE My servers are patched already. Thanks for posting this just in case others haven't seen or heard about the vulnerability. :) Mine too. ManOfTeal.COM a Proud UNA site, six years running strong! |
Yep, sent out the alert to all our dedicated server customers the other day. There's another patch and update that rolled out in the early AM today that fixes some missed stuff, so make sure you have the latest version (if you last updated yesterday, you likely missed it).
Been spending the day updating servers for everyone. BoonEx Certified Host: Zarconia.net - Fully Supported Shared and Dedicated for Dolphin |
Just in case anyone might want to know the exact procedure to update CentOS, just run this shell command: yum update bash My opinions expressed on this site, in no way represent those of Boonex or Boonex employees. |
RE Just in case anyone might want to know the exact procedure to update CentOS, just run this shell command: yum update bash Thanks, I would have not know what in the world to do. You saved us HL. ManOfTeal.COM a Proud UNA site, six years running strong! |
What if I am running Ubuntu/Debian? sudo apt-get update && sudo apt-get install --only-upgrade bash Geeks, making the world a better place |
Thanks, I would have not know what in the world to do.
Well, if asked... Geeks, making the world a better place |
RE What if I am running Ubuntu/Debian? sudo apt-get update && sudo apt-get install --only-upgrade bash I ran the check and all my servers "seem" ok, unless I'm missing something. ManOfTeal.COM a Proud UNA site, six years running strong! |
RE What if I am running Ubuntu/Debian? sudo apt-get update && sudo apt-get install --only-upgrade bash I ran the check and all my servers "seem" ok, unless I'm missing something. To check, I ran the test: env x='() { :;}; echo vulnerable' bash -c "echo this is a test" before I updated bash and it came back vulnerable. I then updated bash using yum and ran the test again and it came back with just the "this is a test". I recall that you just got a new server so most likely your provider has already updated bash. I am running an unmanaged server so I have to do all this stuff myself. Geeks, making the world a better place |
