<div dir="ltr">Linux Mint 15 and 17 are showing vulnerable. No patch available in apt as of 7:15p. <br></div><div class="gmail_extra"><br><div class="gmail_quote">On Wed, Sep 24, 2014 at 6:01 PM, Chuck Payne <span dir="ltr"><<a href="mailto:terrorpup@gmail.com" target="_blank">terrorpup@gmail.com</a>></span> wrote:<br><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex">Looks like updates are there for CentOS<br>
<br>
You should 'yum update' as soon as possible to resolve this issue.<br>
<br>
<br>
Here's why you should care:<br>
<a href="https://securityblog.redhat.com/2014/09/24/bash-specially-crafted-environment-variables-code-injection-attack/" target="_blank">https://securityblog.redhat.com/2014/09/24/bash-specially-crafted-environment-variables-code-injection-attack/</a><br>
<br>
<br>
Links to the centos updates:<br>
<br>
CentOS-5:<a href="http://lists.centos.org/pipermail/centos-announce/2014-September/020582.html" target="_blank">http://lists.centos.org/pipermail/centos-announce/2014-September/020582.html</a><br>
<br>
CentOS-6:<a href="http://lists.centos.org/pipermail/centos-announce/2014-September/020585.html" target="_blank">http://lists.centos.org/pipermail/centos-announce/2014-September/020585.html</a><br>
<br>
CentOS-7:<a href="http://lists.centos.org/pipermail/centos-announce/2014-September/020583.html" target="_blank">http://lists.centos.org/pipermail/centos-announce/2014-September/020583.html</a><br>
<div><div class="h5"><br>
<br>
On Wed, Sep 24, 2014 at 5:43 PM, Chuck Payne <<a href="mailto:terrorpup@gmail.com">terrorpup@gmail.com</a>> wrote:<br>
<br>
> I was just abot to ask if there is a fix for CentOS6 as it there.<br>
><br>
><br>
> <a href="https://securityblog.redhat.com/2014/09/24/bash-specially-crafted-environment-variables-code-injection-attack/" target="_blank">https://securityblog.redhat.com/2014/09/24/bash-specially-crafted-environment-variables-code-injection-attack/</a><br>
><br>
> env x='() { :;}; echo vulnerable' bash -c "echo this is a test"<br>
> vulnerable<br>
> this is a test<br>
><br>
><br>
> On Wed, Sep 24, 2014 at 5:37 PM, David Ritchie <<a href="mailto:deritchie@gmail.com">deritchie@gmail.com</a>><br>
> wrote:<br>
><br>
>> <a href="https://access.redhat.com/articles/1200223?sc_cid=70160000000e8eaAAA&" target="_blank">https://access.redhat.com/articles/1200223?sc_cid=70160000000e8eaAAA&</a><br>
>><br>
>> Also seen in Solaris - there is probably others...<br>
>><br>
>><br>
>> -- David<br>
>> -------------- next part --------------<br>
>> An HTML attachment was scrubbed...<br>
>> URL: <<br>
>> <a href="http://mail.ale.org/pipermail/ale/attachments/20140924/8fd72427/attachment.html" target="_blank">http://mail.ale.org/pipermail/ale/attachments/20140924/8fd72427/attachment.html</a><br>
>> ><br>
>> _______________________________________________<br>
>> Ale mailing list<br>
>> <a href="mailto:Ale@ale.org">Ale@ale.org</a><br>
>> <a href="http://mail.ale.org/mailman/listinfo/ale" target="_blank">http://mail.ale.org/mailman/listinfo/ale</a><br>
>> See JOBS, ANNOUNCE and SCHOOLS lists at<br>
>> <a href="http://mail.ale.org/mailman/listinfo" target="_blank">http://mail.ale.org/mailman/listinfo</a><br>
>><br>
><br>
><br>
><br>
> --<br>
> Terror PUP a.k.a<br>
> Chuck "PUP" Payne<br>
><br>
> <a href="tel:678%20636%209678" value="+16786369678">678 636 9678</a><br>
> -----------------------------------------<br>
> Discover it! Enjoy it! Share it! openSUSE Linux.<br>
> -----------------------------------------<br>
> openSUSE -- Terrorpup<br>
> openSUSE Ambassador/openSUSE Member<br>
> skype,twiiter,identica,friendfeed -- terrorpup<br>
> freenode(irc) --terrorpup/lupinstein<br>
> Register Linux Userid: 155363<br>
><br>
> Have you tried SUSE Studio? Need to create a Live CD, an app you want to<br>
> package and distribute , or create your own linux distro. Give SUSE Studio<br>
> a try.<br>
><br>
><br>
<br>
<br>
--<br>
Terror PUP a.k.a<br>
Chuck "PUP" Payne<br>
<br>
<a href="tel:678%20636%209678" value="+16786369678">678 636 9678</a><br>
-----------------------------------------<br>
Discover it! Enjoy it! Share it! openSUSE Linux.<br>
-----------------------------------------<br>
openSUSE -- Terrorpup<br>
openSUSE Ambassador/openSUSE Member<br>
skype,twiiter,identica,friendfeed -- terrorpup<br>
freenode(irc) --terrorpup/lupinstein<br>
Register Linux Userid: 155363<br>
<br>
Have you tried SUSE Studio? Need to create a Live CD, an app you want to<br>
package and distribute , or create your own linux distro. Give SUSE Studio<br>
a try.<br>
-------------- next part --------------<br>
An HTML attachment was scrubbed...<br>
</div></div>URL: <<a href="http://mail.ale.org/pipermail/ale/attachments/20140924/66f138d6/attachment.html" target="_blank">http://mail.ale.org/pipermail/ale/attachments/20140924/66f138d6/attachment.html</a>><br>
<div class="HOEnZb"><div class="h5">_______________________________________________<br>
Ale mailing list<br>
<a href="mailto:Ale@ale.org">Ale@ale.org</a><br>
<a href="http://mail.ale.org/mailman/listinfo/ale" target="_blank">http://mail.ale.org/mailman/listinfo/ale</a><br>
See JOBS, ANNOUNCE and SCHOOLS lists at<br>
<a href="http://mail.ale.org/mailman/listinfo" target="_blank">http://mail.ale.org/mailman/listinfo</a><br>
</div></div></blockquote></div><br></div>