bash security hole
Cody Smith
cody.smith9202 at gmail.com
Thu Sep 25 23:03:30 UTC 2014
This bug is a vulnerability in Bash, yes.
--c_smith
On Thu, Sep 25, 2014 at 3:36 PM, <accessys at smart.net> wrote:
>
> was in bash???
>
>
> Bob
>
>
> On Thu, 25 Sep 2014, Cody Smith wrote:
>
> Date: Thu, 25 Sep 2014 14:41:06 -0700
>> From: Cody Smith <cody.smith9202 at gmail.com>
>>
>> Reply-To: Kubuntu user technical support <kubuntu-users at lists.ubuntu.com>
>> To: Kubuntu user technical support <kubuntu-users at lists.ubuntu.com>
>> Subject: Re: bash security hole
>>
>> Nope, Grub doesn't usually fix this kind of issue. it has to be fixed in
>> Bash itself.
>>
>> --c_smith
>>
>> On Thu, Sep 25, 2014 at 11:45 AM, <accessys at smart.net> wrote:
>>
>>
>>> seems when doing this all the patches were in Grub????
>>>
>>> Bob
>>>
>>>
>>> On Thu, 25 Sep 2014, Mark Fraser wrote:
>>>
>>> Date: Thu, 25 Sep 2014 19:36:44 +0100
>>>
>>>> From: Mark Fraser <mfraz74+ubuntu at gmail.com>
>>>> Reply-To: Kubuntu user technical support <kubuntu-users at lists.ubuntu.
>>>> com>
>>>> To: Kubuntu user technical support <kubuntu-users at lists.ubuntu.com>
>>>> Subject: Re: bash security hole
>>>>
>>>>
>>>> On 25 Sep 2014 15:47, "Scott DuBois" <sdubois at linux.com> wrote:
>>>>
>>>>
>>>>> On 09/25/2014 03:15 AM, Mark Fraser wrote:
>>>>>
>>>>> On Thursday 25 Sep 2014 10:46:14 A.J. Bonnema wrote:
>>>>>>
>>>>>> On 09/25/2014 10:38 AM, Errol Sapir wrote:
>>>>>>>
>>>>>>> I received this url from a Linux friend of mine.
>>>>>>>>
>>>>>>>>
>>>>>>>> http://arstechnica.com/security/2014/09/bug-in-bash-
>>>>>>>>
>>>>>>> shell-creates-big-secu
>>>>
>>>> rity-hole-on-anything-with-nix-in-it/
>>>>>
>>>>>>
>>>>>>>> I did the test and saw I was vulnerable so I did read the Ubuntu
>>>>>>>> page,
>>>>>>>> did the "fix" which is
>>>>>>>> $ sudo apt-get update
>>>>>>>> $ sudo apt-get dist-upgrade
>>>>>>>> and am no longer vulnerable.
>>>>>>>>
>>>>>>>> Errol
>>>>>>>>
>>>>>>>>
>>>>>>> Thanks for the tip. I run Fedora 20. It has the same vulnerability,
>>>>>>> but
>>>>>>> no patch was issued yet. Hopefully the patch is in the pipeline.
>>>>>>>
>>>>>>> For me it is not that urgent as my machines have no open ports to the
>>>>>>> internet (no open servers). However, I will feel better when this is
>>>>>>> patched. It is a pretty simple way to break in. Yes, I really fear
>>>>>>> script kiddies -- of any age -- xD.
>>>>>>>
>>>>>>> Guus.
>>>>>>>
>>>>>>>
>>>>>> I read somewhere that as we us dash instead of bash that Ubuntu isn't
>>>>>> vulnerable, but I did the security update yesterday anyway.
>>>>>>
>>>>>>
>>>>>> You must have ran across some bad info, I tested for the
>>>>> vulnerability
>>>>> yesterday at 6pm and had it. Ran update & upgrade and it was fixed.
>>>>>
>>>>> https://access.redhat.com/articles/1200223
>>>>>
>>>>>
>>>> http://www.theregister.co.uk/2014/09/24/bash_shell_vuln/
>>>>
>>>>
>>>>
>>>
>>> --
>>> kubuntu-users mailing list
>>> kubuntu-users at lists.ubuntu.com
>>> Modify settings or unsubscribe at: https://lists.ubuntu.com/
>>> mailman/listinfo/kubuntu-users
>>>
>>>
>>
>
>
> --
> kubuntu-users mailing list
> kubuntu-users at lists.ubuntu.com
> Modify settings or unsubscribe at: https://lists.ubuntu.com/
> mailman/listinfo/kubuntu-users
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.ubuntu.com/archives/kubuntu-users/attachments/20140925/742838b6/attachment.html>
More information about the kubuntu-users
mailing list