This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Bash security vulnerbility

Hey Everyone,

With the new news (SHELL SHOCK: Bash bug blows holes in Unix, Linux, OS X systems) about the bash shell today do we know if and when Sophos is going to release a patch for this?  

I apologize if I'm posting this in the wrong section but well none of the other sections looked like this belonged in there.  Thanks.


This thread was automatically locked due to age.
Parents Reply Children
  • Up2Date 9.208008 package description:

    Remark:
     System will be rebooted

    News:
     Security Release
     Update bash package to fix potential vulnerabilities
     References: CVE-2014-6271, CVE-2014-7169, CVE-2014-7186, CVE-2014-7187
     So far we are not aware of any service on UTM actually exposing these problems to attackers, this is a precautionary update.

    Bugfix:
     Fix [33059]: CVE-2014-6271 bash: specially-crafted environment variables can be used to inject shell commands [9.2]

    RPM packages contained:
     bash-3.2-147.22.1.1823.g6106706.i686.rpm          
     ep-release-9.208-8.noarch.rpm