On 10/01/2014 02:59 PM, David Dejaeghere wrote:
What part of:
"Debian GNU/Linux 5.0 has been superseded by Debian 6.0 ("squeeze").
Security updates have been discontinued as of February 6th, 2012. "
http://www.debian.org/releases/lenny/index.en.html
, didnt you understand? :)
There are much more security issues than shellshock alone with Debian
Lenny in its current state. If you need to secure your old boxes you
will have to look for alternative methods outside of supported
packages. Think about improved firewalling.
What attack vectors of the shellshock exploit are worrying to you?
Regards,
David
2014-10-01 13:45 GMT+02:00 Nikolay Hristov <ge...@stemo.bg
<mailto:ge...@stemo.bg>>:
On 10/01/2014 02:37 PM, Izak Burger wrote:
I made lenny packages for my machines. I could share them if you
want?
On Wed, Oct 1, 2014 at 1:28 PM, Nikolay Hristov <ge...@stemo.bg
<mailto:ge...@stemo.bg>> wrote:
Hello there,
I know that this is outdated debian release and it is in the
archives but I still have 6 servers running Lenny and I don't
want to upgrade them to newer versions for several reasons.
Any chance that we will get official debian package for
Lenny? I'm sure that I'm not the only one with such problem.
I don't want to use deb packages from different sources
because I cannot trust them.
Shellshock has such big impact on the internet so please give
us Lenny package.
Nikolay Hristov
--
To UNSUBSCRIBE, email to
debian-security-requ...@lists.debian.org
<mailto:debian-security-requ...@lists.debian.org>
with a subject of "unsubscribe". Trouble? Contact
listmas...@lists.debian.org <mailto:listmas...@lists.debian.org>
Archive: https://lists.debian.org/542be551.3020...@stemo.bg
Which part of "I don't want to use deb packages from different
sources because I cannot trust them" you didnt understand? ;-)
Nikolay Hristov
I got only qmail on them and that is all. No other ports opened and
daemontools uses bash. Some of them are also running tinydns. I can try
change default shell to dash but the servers are not at my location and
I will need to travel a lot if something goes wrong. In other words we
need security update for older debian distributions.
Nikolay Hristov