bash security hole
Mark Fraser
mfraz74+ubuntu at gmail.com
Thu Sep 25 18:36:44 UTC 2014
On 25 Sep 2014 15:47, "Scott DuBois" <sdubois at linux.com> wrote:
>
> On 09/25/2014 03:15 AM, Mark Fraser wrote:
> > On Thursday 25 Sep 2014 10:46:14 A.J. Bonnema wrote:
> >> On 09/25/2014 10:38 AM, Errol Sapir wrote:
> >>> I received this url from a Linux friend of mine.
> >>>
> >>>
http://arstechnica.com/security/2014/09/bug-in-bash-shell-creates-big-secu
> >>> rity-hole-on-anything-with-nix-in-it/
> >>>
> >>> I did the test and saw I was vulnerable so I did read the Ubuntu page,
> >>> did the "fix" which is
> >>> $ sudo apt-get update
> >>> $ sudo apt-get dist-upgrade
> >>> and am no longer vulnerable.
> >>>
> >>> Errol
> >>
> >> Thanks for the tip. I run Fedora 20. It has the same vulnerability, but
> >> no patch was issued yet. Hopefully the patch is in the pipeline.
> >>
> >> For me it is not that urgent as my machines have no open ports to the
> >> internet (no open servers). However, I will feel better when this is
> >> patched. It is a pretty simple way to break in. Yes, I really fear
> >> script kiddies -- of any age -- xD.
> >>
> >> Guus.
> >
> > I read somewhere that as we us dash instead of bash that Ubuntu isn't
> > vulnerable, but I did the security update yesterday anyway.
> >
>
> You must have ran across some bad info, I tested for the vulnerability
> yesterday at 6pm and had it. Ran update & upgrade and it was fixed.
>
> https://access.redhat.com/articles/1200223
http://www.theregister.co.uk/2014/09/24/bash_shell_vuln/
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.ubuntu.com/archives/kubuntu-users/attachments/20140925/ba82ea63/attachment.html>
More information about the kubuntu-users
mailing list