bash security hole
accessys at smart.net
accessys at smart.net
Thu Sep 25 22:36:29 UTC 2014
was in bash???
Bob
On Thu, 25 Sep 2014, Cody Smith wrote:
> Date: Thu, 25 Sep 2014 14:41:06 -0700
> From: Cody Smith <cody.smith9202 at gmail.com>
> Reply-To: Kubuntu user technical support <kubuntu-users at lists.ubuntu.com>
> To: Kubuntu user technical support <kubuntu-users at lists.ubuntu.com>
> Subject: Re: bash security hole
>
> Nope, Grub doesn't usually fix this kind of issue. it has to be fixed in
> Bash itself.
>
> --c_smith
>
> On Thu, Sep 25, 2014 at 11:45 AM, <accessys at smart.net> wrote:
>
>>
>> seems when doing this all the patches were in Grub????
>>
>> Bob
>>
>>
>> On Thu, 25 Sep 2014, Mark Fraser wrote:
>>
>> Date: Thu, 25 Sep 2014 19:36:44 +0100
>>> From: Mark Fraser <mfraz74+ubuntu at gmail.com>
>>> Reply-To: Kubuntu user technical support <kubuntu-users at lists.ubuntu.com>
>>> To: Kubuntu user technical support <kubuntu-users at lists.ubuntu.com>
>>> Subject: Re: bash security hole
>>>
>>>
>>> On 25 Sep 2014 15:47, "Scott DuBois" <sdubois at linux.com> wrote:
>>>
>>>>
>>>> On 09/25/2014 03:15 AM, Mark Fraser wrote:
>>>>
>>>>> On Thursday 25 Sep 2014 10:46:14 A.J. Bonnema wrote:
>>>>>
>>>>>> On 09/25/2014 10:38 AM, Errol Sapir wrote:
>>>>>>
>>>>>>> I received this url from a Linux friend of mine.
>>>>>>>
>>>>>>>
>>>>>>> http://arstechnica.com/security/2014/09/bug-in-bash-
>>> shell-creates-big-secu
>>>
>>>> rity-hole-on-anything-with-nix-in-it/
>>>>>>>
>>>>>>> I did the test and saw I was vulnerable so I did read the Ubuntu page,
>>>>>>> did the "fix" which is
>>>>>>> $ sudo apt-get update
>>>>>>> $ sudo apt-get dist-upgrade
>>>>>>> and am no longer vulnerable.
>>>>>>>
>>>>>>> Errol
>>>>>>>
>>>>>>
>>>>>> Thanks for the tip. I run Fedora 20. It has the same vulnerability, but
>>>>>> no patch was issued yet. Hopefully the patch is in the pipeline.
>>>>>>
>>>>>> For me it is not that urgent as my machines have no open ports to the
>>>>>> internet (no open servers). However, I will feel better when this is
>>>>>> patched. It is a pretty simple way to break in. Yes, I really fear
>>>>>> script kiddies -- of any age -- xD.
>>>>>>
>>>>>> Guus.
>>>>>>
>>>>>
>>>>> I read somewhere that as we us dash instead of bash that Ubuntu isn't
>>>>> vulnerable, but I did the security update yesterday anyway.
>>>>>
>>>>>
>>>> You must have ran across some bad info, I tested for the vulnerability
>>>> yesterday at 6pm and had it. Ran update & upgrade and it was fixed.
>>>>
>>>> https://access.redhat.com/articles/1200223
>>>>
>>>
>>> http://www.theregister.co.uk/2014/09/24/bash_shell_vuln/
>>>
>>>
>>
>>
>> --
>> kubuntu-users mailing list
>> kubuntu-users at lists.ubuntu.com
>> Modify settings or unsubscribe at: https://lists.ubuntu.com/
>> mailman/listinfo/kubuntu-users
>>
>
More information about the kubuntu-users
mailing list