<html>
<head>
<meta content="text/html; charset=windows-1252"
http-equiv="Content-Type">
</head>
<body bgcolor="#FFFFFF" text="#000000">
<div class="moz-cite-prefix">On 09/25/2014 10:38 AM, Errol Sapir
wrote:<br>
</div>
<blockquote cite="mid:5423D48B.3050708@tzora.co.il" type="cite">
<meta http-equiv="content-type" content="text/html;
charset=windows-1252">
<style type="text/css">body p { margin-bottom: 0cm; margin-top: 0pt; } </style>
I received this url from a Linux friend of mine.<br>
<br>
<a moz-do-not-send="true" class="moz-txt-link-freetext"
href="http://arstechnica.com/security/2014/09/bug-in-bash-shell-creates-big-security-hole-on-anything-with-nix-in-it/">http://arstechnica.com/security/2014/09/bug-in-bash-shell-creates-big-security-hole-on-anything-with-nix-in-it/</a><br>
<br>
I did the test and saw I was vulnerable so I did read the Ubuntu
page, did the "fix" which is<br>
<pre>$ sudo apt-get update
<span class="anchor" id="line-2"></span>$ sudo apt-get dist-upgrade
and am no longer vulnerable.
Errol
</pre>
<br>
<br>
<fieldset class="mimeAttachmentHeader"></fieldset>
<br>
</blockquote>
Thanks for the tip. I run Fedora 20. It has the same vulnerability,
but no patch was issued yet. Hopefully the patch is in the pipeline.<br>
<br>
For me it is not that urgent as my machines have no open ports to
the internet (no open servers). However, I will feel better when
this is patched. It is a pretty simple way to break in. Yes, I
really fear script kiddies -- of any age -- xD.<br>
<br>
Guus.<br>
</body>
</html>