bash security hole
Cody Smith
cody.smith9202 at gmail.com
Thu Sep 25 21:41:06 UTC 2014
Nope, Grub doesn't usually fix this kind of issue. it has to be fixed in
Bash itself.
--c_smith
On Thu, Sep 25, 2014 at 11:45 AM, <accessys at smart.net> wrote:
>
> seems when doing this all the patches were in Grub????
>
> Bob
>
>
> On Thu, 25 Sep 2014, Mark Fraser wrote:
>
> Date: Thu, 25 Sep 2014 19:36:44 +0100
>> From: Mark Fraser <mfraz74+ubuntu at gmail.com>
>> Reply-To: Kubuntu user technical support <kubuntu-users at lists.ubuntu.com>
>> To: Kubuntu user technical support <kubuntu-users at lists.ubuntu.com>
>> Subject: Re: bash security hole
>>
>>
>> On 25 Sep 2014 15:47, "Scott DuBois" <sdubois at linux.com> wrote:
>>
>>>
>>> On 09/25/2014 03:15 AM, Mark Fraser wrote:
>>>
>>>> On Thursday 25 Sep 2014 10:46:14 A.J. Bonnema wrote:
>>>>
>>>>> On 09/25/2014 10:38 AM, Errol Sapir wrote:
>>>>>
>>>>>> I received this url from a Linux friend of mine.
>>>>>>
>>>>>>
>>>>>> http://arstechnica.com/security/2014/09/bug-in-bash-
>> shell-creates-big-secu
>>
>>> rity-hole-on-anything-with-nix-in-it/
>>>>>>
>>>>>> I did the test and saw I was vulnerable so I did read the Ubuntu page,
>>>>>> did the "fix" which is
>>>>>> $ sudo apt-get update
>>>>>> $ sudo apt-get dist-upgrade
>>>>>> and am no longer vulnerable.
>>>>>>
>>>>>> Errol
>>>>>>
>>>>>
>>>>> Thanks for the tip. I run Fedora 20. It has the same vulnerability, but
>>>>> no patch was issued yet. Hopefully the patch is in the pipeline.
>>>>>
>>>>> For me it is not that urgent as my machines have no open ports to the
>>>>> internet (no open servers). However, I will feel better when this is
>>>>> patched. It is a pretty simple way to break in. Yes, I really fear
>>>>> script kiddies -- of any age -- xD.
>>>>>
>>>>> Guus.
>>>>>
>>>>
>>>> I read somewhere that as we us dash instead of bash that Ubuntu isn't
>>>> vulnerable, but I did the security update yesterday anyway.
>>>>
>>>>
>>> You must have ran across some bad info, I tested for the vulnerability
>>> yesterday at 6pm and had it. Ran update & upgrade and it was fixed.
>>>
>>> https://access.redhat.com/articles/1200223
>>>
>>
>> http://www.theregister.co.uk/2014/09/24/bash_shell_vuln/
>>
>>
>
>
> --
> kubuntu-users mailing list
> kubuntu-users at lists.ubuntu.com
> Modify settings or unsubscribe at: https://lists.ubuntu.com/
> mailman/listinfo/kubuntu-users
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.ubuntu.com/archives/kubuntu-users/attachments/20140925/c649128e/attachment.html>
More information about the kubuntu-users
mailing list