[LON-CAPA-admin] You probably want to update your machines
Gerd Kortemeyer
korte at lite.msu.edu
Fri Sep 26 08:39:42 EDT 2014
Hi,
There’s a new vulnerability out there called “Shellshock” - very picturesque name, on par with “Heartbleed.”
Anyway, it’s an easy to exploit Apache vulnerability, so please address it asap.
Package updates on your server should report a new version of bash, like so:
[root at localhost install]# yum update
Loaded plugins: fastestmirror, refresh-packagekit, security
Loading mirror speeds from cached hostfile
* base: mirror.oss.ou.edu
* extras: mirror.rackspace.com
* updates: mirrors.rit.edu
Setting up Update Process
Resolving Dependencies
--> Running transaction check
---> Package bash.x86_64 0:4.1.2-15.el6_4 will be updated
---> Package bash.x86_64 0:4.1.2-15.el6_5.2 will be an update
For more details, see https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-6271
- Gerd.
More information about the LON-CAPA-admin
mailing list