Thread Info
  • State Not Answered
  • Locked Locked
  • Replies 21 replies
  • Subscribers 4 subscribers
  • Views 8317 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Bash security vulnerbility

thefuzz4
Hey Everyone,

With the new news (SHELL SHOCK: Bash bug blows holes in Unix, Linux, OS X systems) about the bash shell today do we know if and when Sophos is going to release a patch for this?  

I apologize if I'm posting this in the wrong section but well none of the other sections looked like this belonged in there.  Thanks.


This thread was automatically locked due to age.
Parents
  • 0 
    loginuser@firewall:/home/login > bash --version

    GNU bash, version 3.2.51(1)-release (i686-suse-linux-gnu)


    Still not patched... Even OSX got patched by now...
  • 0 in reply to StephaneGROBETY
    Up2Date 9.208008 package description:

    Remark:
     System will be rebooted

    News:
     Security Release
     Update bash package to fix potential vulnerabilities
     References: CVE-2014-6271, CVE-2014-7169, CVE-2014-7186, CVE-2014-7187
     So far we are not aware of any service on UTM actually exposing these problems to attackers, this is a precautionary update.

    Bugfix:
     Fix [33059]: CVE-2014-6271 bash: specially-crafted environment variables can be used to inject shell commands [9.2]

    RPM packages contained:
     bash-3.2-147.22.1.1823.g6106706.i686.rpm          
     ep-release-9.208-8.noarch.rpm
Reply
  • 0 in reply to StephaneGROBETY
    Up2Date 9.208008 package description:

    Remark:
     System will be rebooted

    News:
     Security Release
     Update bash package to fix potential vulnerabilities
     References: CVE-2014-6271, CVE-2014-7169, CVE-2014-7186, CVE-2014-7187
     So far we are not aware of any service on UTM actually exposing these problems to attackers, this is a precautionary update.

    Bugfix:
     Fix [33059]: CVE-2014-6271 bash: specially-crafted environment variables can be used to inject shell commands [9.2]

    RPM packages contained:
     bash-3.2-147.22.1.1823.g6106706.i686.rpm          
     ep-release-9.208-8.noarch.rpm
Children
No Data
Unfiltered HTML