LUG: We are all patching, right?

Ezekiel T. Chopper echopper at mines.edu
Fri Sep 26 20:03:41 MDT 2014


For Debian you can follow https://www.debian.org/security/ for security
updates. Currently there isn't a full patch. There is an initial patch that
fixed the surface level bug, but introduced bugs of its own.

Here (
https://securityblog.redhat.com/2014/09/24/bash-specially-crafted-environment-variables-code-injection-attack/
) is a blog post from the RedHat security people that they will keep
updated for news on distros of that variety.

Apple has made a statement that OS X users aren't vulnerable unless they
are using "advanced UNIX services" and that a patch for those "advanced"
users is in the works, but you should probably download the bash source
patch it yourself in Xcode and run your patched version. (They're kind of
busy patching iOS 8) info:
http://www.imore.com/apple-working-quickly-protect-os-x-against-shellshock-exploit

-- 
Ezekiel Chopper
Undergraduate Computer Science student
Infrastructure Intern at Health Language, Inc.
System Administrator for CARDI, Toilers, and SmartGeo

On Thu, Sep 25, 2014 at 5:07 PM, Kyle Thompson Kluherz <
kkluherz at mymail.mines.edu> wrote:

> I haven't found a patch for Mint yet, anyone know if there might be one?
> I'm running the Debian-based edition.
> -Tk
>
> On Thu, Sep 25, 2014 at 4:58 PM, Keith Hellman <khellman at mcprogramming.com
> > wrote:
>
>>
>> http://apple.slashdot.org/story/14/09/25/1757208/flurry-of-scans-hint-that-bash-vulnerability-could-already-be-in-the-wild
>> --
>> Keith Hellman                             #include <disclaimer.h>
>> khellman at mcprogramming.com                from disclaimer import standard
>> khellman at mines.edu
>>                                    -*-
>>                     public key @ pgp.mit.edu 9FCF40FD
>>         Y!M: mcprogramming                       AIM/ICQ: 485403897
>>         jabber: mrtuple at jabber.org     irc: freenode.net as mrtuple
>>                                    -*-
>>
>> "Windows is about choice - you can mix and match software and music player
>> stuff. We believe you should have the same choice when it comes to music
>> services."
>>
>> -- David Fester, General Manager of Microsoft's Windows Digital Media
>> Division
>>    http://apple.slashdot.org/apple/04/01/13/0158224.shtml?tid=109&tid=187
>>
>> _______________________________________________
>> lug mailing list
>> lug at mailman.mines.edu
>> https://mailman.mines.edu/mailman/listinfo/lug
>>
>>
>
> _______________________________________________
> lug mailing list
> lug at mailman.mines.edu
> https://mailman.mines.edu/mailman/listinfo/lug
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://mailman.mines.edu/mailman/private/lug/attachments/20140926/e7a9e0a8/attachment.html>


More information about the lug mailing list