bash security hole
sdubois at linux.com
Thu Sep 25 14:46:13 UTC 2014
On 09/25/2014 03:15 AM, Mark Fraser wrote:
> On Thursday 25 Sep 2014 10:46:14 A.J. Bonnema wrote:
>> On 09/25/2014 10:38 AM, Errol Sapir wrote:
>>> I received this url from a Linux friend of mine.
>>> I did the test and saw I was vulnerable so I did read the Ubuntu page,
>>> did the "fix" which is
>>> $ sudo apt-get update
>>> $ sudo apt-get dist-upgrade
>>> and am no longer vulnerable.
>> Thanks for the tip. I run Fedora 20. It has the same vulnerability, but
>> no patch was issued yet. Hopefully the patch is in the pipeline.
>> For me it is not that urgent as my machines have no open ports to the
>> internet (no open servers). However, I will feel better when this is
>> patched. It is a pretty simple way to break in. Yes, I really fear
>> script kiddies -- of any age -- xD.
> I read somewhere that as we us dash instead of bash that Ubuntu isn't
> vulnerable, but I did the security update yesterday anyway.
You must have ran across some bad info, I tested for the vulnerability
yesterday at 6pm and had it. Ran update & upgrade and it was fixed.
BSIT Software Engineering
More information about the kubuntu-users