[AusNOG] bash bug !
James Andrewartha
trs80 at ucc.gu.uwa.edu.au
Fri Sep 26 01:43:04 EST 2014
On Thu, 25 Sep 2014, Nathan Gardiner wrote:
> What's the particular concern with Debian based devices? Debian pushed bash 4.2+dfsg-0.1+deb7u1 for wheezy 14 hours ago and any
> device which uses the Debian repositories would pick it up with a dist-upgrade/specific package upgrade. Proxmox VE 3.1 hosts
> not only have the Debian repository but also have inbuilt package update functionality in the GUI which makes it quite easy to
> update.
Debian bash is still vulnerable, try this:
dpkg -l bash | grep ^ii; rm -f echo; env X='() { (a)=>\' bash -c "echo date"; cat echo
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=762760
--
# TRS-80 trs80(a)ucc.gu.uwa.edu.au #/ "Otherwise Bub here will do \
# UCC Wheel Member http://trs80.ucc.asn.au/ #| what squirrels do best |
[ "There's nobody getting rich writing ]| -- Collect and hide your |
[ software that I know of" -- Bill Gates, 1980 ]\ nuts." -- Acid Reflux #231 /
More information about the AusNOG
mailing list