Re: [SLUG] BASH update for Debian 6?
thanks for the tip Mark, I had considered trying to install the BASH update for Wheezy on my Squeeze machines but the thought of getting the dependencies met seemed daunting. I tried your commands but as suspected, ran into dependency issues - Multiarch-support needs libc6 = 2.13-5, updating libc6 requires a newer locales, and on it goes. The default shell on my systems is /bin/dash and /etc/passwd shows all accounts except mine and root have /bin/sh (dash) as their shell. So it might just be easier to change the shell for my account and roots account, and then uninstall BASH. On Fri, Sep 26, 2014 at 2:52 PM, Mark Anthony Delfin m...@delfin.me wrote: For some of my debian 6 test boxes I did wget http://security.debian.org/debian-security/pool/updates/main/e/eglibc/multiarch-support_2.13-38+deb7u4_amd64.deb wget http://ftp.us.debian.org/debian/pool/main/n/ncurses/libtinfo5_5.9-10_amd64.deb wget http://security.debian.org/debian-security/pool/updates/main/b/bash/bash_4.2+dfsg-0.1+deb7u3_amd64.deb dpkg -i multiarch-support_2.13-38+deb7u4_amd64.deb dpkg -i libtinfo5_5.9-10_amd64.deb dpkg -i bash_4.2+dfsg-0.1+deb7u3_amd64.deb On Fri, Sep 26, 2014 at 10:36 AM, Chris Barnes chris.p.bar...@gmail.com wrote: I'm keen to hear your idea Amos. On Fri, Sep 26, 2014 at 10:32 AM, Amos Shapira amos.shap...@gmail.com wrote: General question to everyone reading this - I have an idea for a service to provide tracking of such info (end of life, software life cycle) automatically. If anyone is curios to hear more, discuss or anything else, I'd be very happy to hear from you. Thanks. --Amos On 26 September 2014 10:28, Chris Barnes chris.p.bar...@gmail.com wrote: ahh thats the info i was looking for. Thanks Amos. You're right, upgrade is overdue. On Fri, Sep 26, 2014 at 10:23 AM, Amos Shapira amos.shap...@gmail.com wrote: According to https://wiki.debian.org/DebianSqueeze, regular security updates for squeeze were ended on May 31st 2014. LTS security updates are supposed to be released until 2016. LTS support is NOT provided by Debian security team. See the LTS announcement in https://www.debian.org/News/2014/20140424.html My take - upgrade is overdue. --Amos On 26 September 2014 08:56, Chris Barnes chris.p.bar...@gmail.com wrote: Hey people, I haven't seen an update for BASH come down in the Debian Squeeze security updates. As a result my machines are still vulnerable. My Debian 7 machines received the update promptly just not my 6 machines. Has anyone else received an update for BASH on Deb 6? Im using the security.Debian.org apt source for security updates. -- Kind Regards, Christopher Barnes e. chris.p.bar...@gmail.com -- SLUG - Sydney Linux User's Group Mailing List - http://slug.org.au/ Subscription info and FAQs: http://slug.org.au/faq/mailinglists.html -- http://au.linkedin.com/in/gliderflyer -- Kind Regards, Christopher Barnes e. chris.p.bar...@gmail.com -- http://au.linkedin.com/in/gliderflyer -- Kind Regards, Christopher Barnes e. chris.p.bar...@gmail.com -- SLUG - Sydney Linux User's Group Mailing List - http://slug.org.au/ Subscription info and FAQs: http://slug.org.au/faq/mailinglists.html -- Kind Regards, Christopher Barnes e. chris.p.bar...@gmail.com -- SLUG - Sydney Linux User's Group Mailing List - http://slug.org.au/ Subscription info and FAQs: http://slug.org.au/faq/mailinglists.html
Re: [SLUG] BASH update for Debian 6?
On 26/09/14 17:38, Chris Barnes wrote: thanks for the tip Mark, I had considered trying to install the BASH update for Wheezy on my Squeeze machines but the thought of getting the dependencies met seemed daunting. I tried your commands but as suspected, ran into dependency issues - Multiarch-support needs libc6 = 2.13-5, updating libc6 requires a newer locales, and on it goes. The default shell on my systems is /bin/dash and /etc/passwd shows all accounts except mine and root have /bin/sh (dash) as their shell. So it might just be easier to change the shell for my account and roots account, and then uninstall BASH. I thought about doing this too, but what if scripts have #!/bin/bash Probably they shouldn't, but that doesn't mean they don't. On Fri, Sep 26, 2014 at 2:52 PM, Mark Anthony Delfin m...@delfin.me wrote: For some of my debian 6 test boxes I did wget http://security.debian.org/debian-security/pool/updates/main/e/eglibc/multiarch-support_2.13-38+deb7u4_amd64.deb wget http://ftp.us.debian.org/debian/pool/main/n/ncurses/libtinfo5_5.9-10_amd64.deb wget http://security.debian.org/debian-security/pool/updates/main/b/bash/bash_4.2+dfsg-0.1+deb7u3_amd64.deb dpkg -i multiarch-support_2.13-38+deb7u4_amd64.deb dpkg -i libtinfo5_5.9-10_amd64.deb dpkg -i bash_4.2+dfsg-0.1+deb7u3_amd64.deb On Fri, Sep 26, 2014 at 10:36 AM, Chris Barnes chris.p.bar...@gmail.com wrote: I'm keen to hear your idea Amos. On Fri, Sep 26, 2014 at 10:32 AM, Amos Shapira amos.shap...@gmail.com wrote: General question to everyone reading this - I have an idea for a service to provide tracking of such info (end of life, software life cycle) automatically. If anyone is curios to hear more, discuss or anything else, I'd be very happy to hear from you. Thanks. --Amos On 26 September 2014 10:28, Chris Barnes chris.p.bar...@gmail.com wrote: ahh thats the info i was looking for. Thanks Amos. You're right, upgrade is overdue. On Fri, Sep 26, 2014 at 10:23 AM, Amos Shapira amos.shap...@gmail.com wrote: According to https://wiki.debian.org/DebianSqueeze, regular security updates for squeeze were ended on May 31st 2014. LTS security updates are supposed to be released until 2016. LTS support is NOT provided by Debian security team. See the LTS announcement in https://www.debian.org/News/2014/20140424.html My take - upgrade is overdue. --Amos On 26 September 2014 08:56, Chris Barnes chris.p.bar...@gmail.com wrote: Hey people, I haven't seen an update for BASH come down in the Debian Squeeze security updates. As a result my machines are still vulnerable. My Debian 7 machines received the update promptly just not my 6 machines. Has anyone else received an update for BASH on Deb 6? Im using the security.Debian.org apt source for security updates. -- Kind Regards, Christopher Barnes e. chris.p.bar...@gmail.com -- SLUG - Sydney Linux User's Group Mailing List - http://slug.org.au/ Subscription info and FAQs: http://slug.org.au/faq/mailinglists.html -- http://au.linkedin.com/in/gliderflyer -- Kind Regards, Christopher Barnes e. chris.p.bar...@gmail.com -- http://au.linkedin.com/in/gliderflyer -- Kind Regards, Christopher Barnes e. chris.p.bar...@gmail.com -- SLUG - Sydney Linux User's Group Mailing List - http://slug.org.au/ Subscription info and FAQs: http://slug.org.au/faq/mailinglists.html -- David McQuire 0418 310312 -- SLUG - Sydney Linux User's Group Mailing List - http://slug.org.au/ Subscription info and FAQs: http://slug.org.au/faq/mailinglists.html
Re: [SLUG] BASH update for Debian 6?
Yep, it appears theres a number of things that depend on BASH so uninstalling isnt an option in my case. On Fri, Sep 26, 2014 at 5:45 PM, David da...@kenpro.com.au wrote: On 26/09/14 17:38, Chris Barnes wrote: thanks for the tip Mark, I had considered trying to install the BASH update for Wheezy on my Squeeze machines but the thought of getting the dependencies met seemed daunting. I tried your commands but as suspected, ran into dependency issues - Multiarch-support needs libc6 = 2.13-5, updating libc6 requires a newer locales, and on it goes. The default shell on my systems is /bin/dash and /etc/passwd shows all accounts except mine and root have /bin/sh (dash) as their shell. So it might just be easier to change the shell for my account and roots account, and then uninstall BASH. I thought about doing this too, but what if scripts have #!/bin/bash Probably they shouldn't, but that doesn't mean they don't. On Fri, Sep 26, 2014 at 2:52 PM, Mark Anthony Delfin m...@delfin.me wrote: For some of my debian 6 test boxes I did wget http://security.debian.org/debian-security/pool/updates/ main/e/eglibc/multiarch-support_2.13-38+deb7u4_amd64.deb wget http://ftp.us.debian.org/debian/pool/main/n/ncurses/ libtinfo5_5.9-10_amd64.deb wget http://security.debian.org/debian-security/pool/updates/ main/b/bash/bash_4.2+dfsg-0.1+deb7u3_amd64.deb dpkg -i multiarch-support_2.13-38+deb7u4_amd64.deb dpkg -i libtinfo5_5.9-10_amd64.deb dpkg -i bash_4.2+dfsg-0.1+deb7u3_amd64.deb On Fri, Sep 26, 2014 at 10:36 AM, Chris Barnes chris.p.bar...@gmail.com wrote: I'm keen to hear your idea Amos. On Fri, Sep 26, 2014 at 10:32 AM, Amos Shapira amos.shap...@gmail.com wrote: General question to everyone reading this - I have an idea for a service to provide tracking of such info (end of life, software life cycle) automatically. If anyone is curios to hear more, discuss or anything else, I'd be very happy to hear from you. Thanks. --Amos On 26 September 2014 10:28, Chris Barnes chris.p.bar...@gmail.com wrote: ahh thats the info i was looking for. Thanks Amos. You're right, upgrade is overdue. On Fri, Sep 26, 2014 at 10:23 AM, Amos Shapira amos.shap...@gmail.com wrote: According to https://wiki.debian.org/DebianSqueeze, regular security updates for squeeze were ended on May 31st 2014. LTS security updates are supposed to be released until 2016. LTS support is NOT provided by Debian security team. See the LTS announcement in https://www.debian.org/News/2014/20140424.html My take - upgrade is overdue. --Amos On 26 September 2014 08:56, Chris Barnes chris.p.bar...@gmail.com wrote: Hey people, I haven't seen an update for BASH come down in the Debian Squeeze security updates. As a result my machines are still vulnerable. My Debian 7 machines received the update promptly just not my 6 machines. Has anyone else received an update for BASH on Deb 6? Im using the security.Debian.org apt source for security updates. -- Kind Regards, Christopher Barnes e. chris.p.bar...@gmail.com -- SLUG - Sydney Linux User's Group Mailing List - http://slug.org.au/ Subscription info and FAQs: http://slug.org.au/faq/ mailinglists.html -- http://au.linkedin.com/in/gliderflyer -- Kind Regards, Christopher Barnes e. chris.p.bar...@gmail.com -- http://au.linkedin.com/in/gliderflyer -- Kind Regards, Christopher Barnes e. chris.p.bar...@gmail.com -- SLUG - Sydney Linux User's Group Mailing List - http://slug.org.au/ Subscription info and FAQs: http://slug.org.au/faq/mailinglists.html -- David McQuire 0418 310312 -- SLUG - Sydney Linux User's Group Mailing List - http://slug.org.au/ Subscription info and FAQs: http://slug.org.au/faq/mailinglists.html -- Kind Regards, Christopher Barnes e. chris.p.bar...@gmail.com -- SLUG - Sydney Linux User's Group Mailing List - http://slug.org.au/ Subscription info and FAQs: http://slug.org.au/faq/mailinglists.html
Re: [SLUG] BASH update for Debian 6?
On Fri, September 26, 2014 6:06 pm, Chris Barnes wrote: Yep, it appears theres a number of things that depend on BASH so uninstalling isnt an option in my case. http://www.linuxquestions.org/questions/showthread.php?p=5244106#post5244106 Works for me. On Fri, Sep 26, 2014 at 5:45 PM, David da...@kenpro.com.au wrote: On 26/09/14 17:38, Chris Barnes wrote: thanks for the tip Mark, I had considered trying to install the BASH update for Wheezy on my Squeeze machines but the thought of getting the dependencies met seemed daunting. I tried your commands but as suspected, ran into dependency issues - Multiarch-support needs libc6 = 2.13-5, updating libc6 requires a newer locales, and on it goes. The default shell on my systems is /bin/dash and /etc/passwd shows all accounts except mine and root have /bin/sh (dash) as their shell. So it might just be easier to change the shell for my account and roots account, and then uninstall BASH. I thought about doing this too, but what if scripts have #!/bin/bash Probably they shouldn't, but that doesn't mean they don't. On Fri, Sep 26, 2014 at 2:52 PM, Mark Anthony Delfin m...@delfin.me wrote: For some of my debian 6 test boxes I did wget http://security.debian.org/debian-security/pool/updates/ main/e/eglibc/multiarch-support_2.13-38+deb7u4_amd64.deb wget http://ftp.us.debian.org/debian/pool/main/n/ncurses/ libtinfo5_5.9-10_amd64.deb wget http://security.debian.org/debian-security/pool/updates/ main/b/bash/bash_4.2+dfsg-0.1+deb7u3_amd64.deb dpkg -i multiarch-support_2.13-38+deb7u4_amd64.deb dpkg -i libtinfo5_5.9-10_amd64.deb dpkg -i bash_4.2+dfsg-0.1+deb7u3_amd64.deb On Fri, Sep 26, 2014 at 10:36 AM, Chris Barnes chris.p.bar...@gmail.com wrote: I'm keen to hear your idea Amos. On Fri, Sep 26, 2014 at 10:32 AM, Amos Shapira amos.shap...@gmail.com wrote: General question to everyone reading this - I have an idea for a service to provide tracking of such info (end of life, software life cycle) automatically. If anyone is curios to hear more, discuss or anything else, I'd be very happy to hear from you. Thanks. --Amos On 26 September 2014 10:28, Chris Barnes chris.p.bar...@gmail.com wrote: ahh thats the info i was looking for. Thanks Amos. You're right, upgrade is overdue. On Fri, Sep 26, 2014 at 10:23 AM, Amos Shapira amos.shap...@gmail.com wrote: According to https://wiki.debian.org/DebianSqueeze, regular security updates for squeeze were ended on May 31st 2014. LTS security updates are supposed to be released until 2016. LTS support is NOT provided by Debian security team. See the LTS announcement in https://www.debian.org/News/2014/20140424.html My take - upgrade is overdue. --Amos On 26 September 2014 08:56, Chris Barnes chris.p.bar...@gmail.com wrote: Hey people, I haven't seen an update for BASH come down in the Debian Squeeze security updates. As a result my machines are still vulnerable. My Debian 7 machines received the update promptly just not my 6 machines. Has anyone else received an update for BASH on Deb 6? Im using the security.Debian.org apt source for security updates. -- Kind Regards, Christopher Barnes e. chris.p.bar...@gmail.com -- SLUG - Sydney Linux User's Group Mailing List - http://slug.org.au/ Subscription info and FAQs: http://slug.org.au/faq/ mailinglists.html -- http://au.linkedin.com/in/gliderflyer -- Kind Regards, Christopher Barnes e. chris.p.bar...@gmail.com -- http://au.linkedin.com/in/gliderflyer -- Kind Regards, Christopher Barnes e. chris.p.bar...@gmail.com -- SLUG - Sydney Linux User's Group Mailing List - http://slug.org.au/ Subscription info and FAQs: http://slug.org.au/faq/mailinglists.html -- David McQuire 0418 310312 -- SLUG - Sydney Linux User's Group Mailing List - http://slug.org.au/ Subscription info and FAQs: http://slug.org.au/faq/mailinglists.html -- Kind Regards, Christopher Barnes e. chris.p.bar...@gmail.com -- SLUG - Sydney Linux User's Group Mailing List - http://slug.org.au/ Subscription info and FAQs: http://slug.org.au/faq/mailinglists.html -- Patrick Shirkey Boost Hardware Ltd -- SLUG - Sydney Linux User's Group Mailing List - http://slug.org.au/ Subscription info and FAQs: http://slug.org.au/faq/mailinglists.html
Re: [SLUG] BASH update for Debian 6?
Perfect Patrick. I didn't even realise the squeeze-lts repo existed so I've added another line to my apt.sources to pull that repo from my existing mirror. vulnerability patched! On Fri, Sep 26, 2014 at 6:09 PM, Patrick Shirkey pshir...@boosthardware.com wrote: On Fri, September 26, 2014 6:06 pm, Chris Barnes wrote: Yep, it appears theres a number of things that depend on BASH so uninstalling isnt an option in my case. http://www.linuxquestions.org/questions/showthread.php?p=5244106#post5244106 Works for me. On Fri, Sep 26, 2014 at 5:45 PM, David da...@kenpro.com.au wrote: On 26/09/14 17:38, Chris Barnes wrote: thanks for the tip Mark, I had considered trying to install the BASH update for Wheezy on my Squeeze machines but the thought of getting the dependencies met seemed daunting. I tried your commands but as suspected, ran into dependency issues - Multiarch-support needs libc6 = 2.13-5, updating libc6 requires a newer locales, and on it goes. The default shell on my systems is /bin/dash and /etc/passwd shows all accounts except mine and root have /bin/sh (dash) as their shell. So it might just be easier to change the shell for my account and roots account, and then uninstall BASH. I thought about doing this too, but what if scripts have #!/bin/bash Probably they shouldn't, but that doesn't mean they don't. On Fri, Sep 26, 2014 at 2:52 PM, Mark Anthony Delfin m...@delfin.me wrote: For some of my debian 6 test boxes I did wget http://security.debian.org/debian-security/pool/updates/ main/e/eglibc/multiarch-support_2.13-38+deb7u4_amd64.deb wget http://ftp.us.debian.org/debian/pool/main/n/ncurses/ libtinfo5_5.9-10_amd64.deb wget http://security.debian.org/debian-security/pool/updates/ main/b/bash/bash_4.2+dfsg-0.1+deb7u3_amd64.deb dpkg -i multiarch-support_2.13-38+deb7u4_amd64.deb dpkg -i libtinfo5_5.9-10_amd64.deb dpkg -i bash_4.2+dfsg-0.1+deb7u3_amd64.deb On Fri, Sep 26, 2014 at 10:36 AM, Chris Barnes chris.p.bar...@gmail.com wrote: I'm keen to hear your idea Amos. On Fri, Sep 26, 2014 at 10:32 AM, Amos Shapira amos.shap...@gmail.com wrote: General question to everyone reading this - I have an idea for a service to provide tracking of such info (end of life, software life cycle) automatically. If anyone is curios to hear more, discuss or anything else, I'd be very happy to hear from you. Thanks. --Amos On 26 September 2014 10:28, Chris Barnes chris.p.bar...@gmail.com wrote: ahh thats the info i was looking for. Thanks Amos. You're right, upgrade is overdue. On Fri, Sep 26, 2014 at 10:23 AM, Amos Shapira amos.shap...@gmail.com wrote: According to https://wiki.debian.org/DebianSqueeze, regular security updates for squeeze were ended on May 31st 2014. LTS security updates are supposed to be released until 2016. LTS support is NOT provided by Debian security team. See the LTS announcement in https://www.debian.org/News/2014/20140424.html My take - upgrade is overdue. --Amos On 26 September 2014 08:56, Chris Barnes chris.p.bar...@gmail.com wrote: Hey people, I haven't seen an update for BASH come down in the Debian Squeeze security updates. As a result my machines are still vulnerable. My Debian 7 machines received the update promptly just not my 6 machines. Has anyone else received an update for BASH on Deb 6? Im using the security.Debian.org apt source for security updates. -- Kind Regards, Christopher Barnes e. chris.p.bar...@gmail.com -- SLUG - Sydney Linux User's Group Mailing List - http://slug.org.au/ Subscription info and FAQs: http://slug.org.au/faq/ mailinglists.html -- http://au.linkedin.com/in/gliderflyer -- Kind Regards, Christopher Barnes e. chris.p.bar...@gmail.com -- http://au.linkedin.com/in/gliderflyer -- Kind Regards, Christopher Barnes e. chris.p.bar...@gmail.com -- SLUG - Sydney Linux User's Group Mailing List - http://slug.org.au/ Subscription info and FAQs: http://slug.org.au/faq/mailinglists.html -- David McQuire 0418 310312 -- SLUG - Sydney Linux User's Group Mailing List - http://slug.org.au/ Subscription info and FAQs: http://slug.org.au/faq/mailinglists.html -- Kind Regards, Christopher Barnes e. chris.p.bar...@gmail.com -- SLUG - Sydney Linux User's Group Mailing List - http://slug.org.au/ Subscription info and FAQs: http://slug.org.au/faq/mailinglists.html -- Patrick Shirkey Boost Hardware Ltd -- SLUG - Sydney Linux User's Group Mailing List - http://slug.org.au/ Subscription info and FAQs: http://slug.org.au/faq/mailinglists.html -- Kind Regards, Christopher Barnes e. chris.p.bar...@gmail.com -- SLUG - Sydney Linux User's Group Mailing List - http://slug.org.au/
Re: [SLUG] BASH update for Debian 6?
edit: sources.list, not apt.sources On Fri, Sep 26, 2014 at 7:29 PM, Chris Barnes chris.p.bar...@gmail.com wrote: Perfect Patrick. I didn't even realise the squeeze-lts repo existed so I've added another line to my apt.sources to pull that repo from my existing mirror. vulnerability patched! On Fri, Sep 26, 2014 at 6:09 PM, Patrick Shirkey pshir...@boosthardware.com wrote: On Fri, September 26, 2014 6:06 pm, Chris Barnes wrote: Yep, it appears theres a number of things that depend on BASH so uninstalling isnt an option in my case. http://www.linuxquestions.org/questions/showthread.php?p=5244106#post5244106 Works for me. On Fri, Sep 26, 2014 at 5:45 PM, David da...@kenpro.com.au wrote: On 26/09/14 17:38, Chris Barnes wrote: thanks for the tip Mark, I had considered trying to install the BASH update for Wheezy on my Squeeze machines but the thought of getting the dependencies met seemed daunting. I tried your commands but as suspected, ran into dependency issues - Multiarch-support needs libc6 = 2.13-5, updating libc6 requires a newer locales, and on it goes. The default shell on my systems is /bin/dash and /etc/passwd shows all accounts except mine and root have /bin/sh (dash) as their shell. So it might just be easier to change the shell for my account and roots account, and then uninstall BASH. I thought about doing this too, but what if scripts have #!/bin/bash Probably they shouldn't, but that doesn't mean they don't. On Fri, Sep 26, 2014 at 2:52 PM, Mark Anthony Delfin m...@delfin.me wrote: For some of my debian 6 test boxes I did wget http://security.debian.org/debian-security/pool/updates/ main/e/eglibc/multiarch-support_2.13-38+deb7u4_amd64.deb wget http://ftp.us.debian.org/debian/pool/main/n/ncurses/ libtinfo5_5.9-10_amd64.deb wget http://security.debian.org/debian-security/pool/updates/ main/b/bash/bash_4.2+dfsg-0.1+deb7u3_amd64.deb dpkg -i multiarch-support_2.13-38+deb7u4_amd64.deb dpkg -i libtinfo5_5.9-10_amd64.deb dpkg -i bash_4.2+dfsg-0.1+deb7u3_amd64.deb On Fri, Sep 26, 2014 at 10:36 AM, Chris Barnes chris.p.bar...@gmail.com wrote: I'm keen to hear your idea Amos. On Fri, Sep 26, 2014 at 10:32 AM, Amos Shapira amos.shap...@gmail.com wrote: General question to everyone reading this - I have an idea for a service to provide tracking of such info (end of life, software life cycle) automatically. If anyone is curios to hear more, discuss or anything else, I'd be very happy to hear from you. Thanks. --Amos On 26 September 2014 10:28, Chris Barnes chris.p.bar...@gmail.com wrote: ahh thats the info i was looking for. Thanks Amos. You're right, upgrade is overdue. On Fri, Sep 26, 2014 at 10:23 AM, Amos Shapira amos.shap...@gmail.com wrote: According to https://wiki.debian.org/DebianSqueeze, regular security updates for squeeze were ended on May 31st 2014. LTS security updates are supposed to be released until 2016. LTS support is NOT provided by Debian security team. See the LTS announcement in https://www.debian.org/News/2014/20140424.html My take - upgrade is overdue. --Amos On 26 September 2014 08:56, Chris Barnes chris.p.bar...@gmail.com wrote: Hey people, I haven't seen an update for BASH come down in the Debian Squeeze security updates. As a result my machines are still vulnerable. My Debian 7 machines received the update promptly just not my 6 machines. Has anyone else received an update for BASH on Deb 6? Im using the security.Debian.org apt source for security updates. -- Kind Regards, Christopher Barnes e. chris.p.bar...@gmail.com -- SLUG - Sydney Linux User's Group Mailing List - http://slug.org.au/ Subscription info and FAQs: http://slug.org.au/faq/ mailinglists.html -- http://au.linkedin.com/in/gliderflyer -- Kind Regards, Christopher Barnes e. chris.p.bar...@gmail.com -- http://au.linkedin.com/in/gliderflyer -- Kind Regards, Christopher Barnes e. chris.p.bar...@gmail.com -- SLUG - Sydney Linux User's Group Mailing List - http://slug.org.au/ Subscription info and FAQs: http://slug.org.au/faq/mailinglists.html -- David McQuire 0418 310312 -- SLUG - Sydney Linux User's Group Mailing List - http://slug.org.au/ Subscription info and FAQs: http://slug.org.au/faq/mailinglists.html -- Kind Regards, Christopher Barnes e. chris.p.bar...@gmail.com -- SLUG - Sydney Linux User's Group Mailing List - http://slug.org.au/ Subscription info and FAQs: http://slug.org.au/faq/mailinglists.html -- Patrick Shirkey Boost Hardware Ltd -- SLUG - Sydney Linux User's Group Mailing List - http://slug.org.au/ Subscription info and FAQs: http://slug.org.au/faq/mailinglists.html -- Kind
[SLUG] BASH update for Debian 6?
Hey people, I haven't seen an update for BASH come down in the Debian Squeeze security updates. As a result my machines are still vulnerable. My Debian 7 machines received the update promptly just not my 6 machines. Has anyone else received an update for BASH on Deb 6? Im using the security.Debian.org apt source for security updates. -- Kind Regards, Christopher Barnes e. chris.p.bar...@gmail.com -- SLUG - Sydney Linux User's Group Mailing List - http://slug.org.au/ Subscription info and FAQs: http://slug.org.au/faq/mailinglists.html
Re: [SLUG] BASH update for Debian 6?
According to https://wiki.debian.org/DebianSqueeze, regular security updates for squeeze were ended on May 31st 2014. LTS security updates are supposed to be released until 2016. LTS support is NOT provided by Debian security team. See the LTS announcement in https://www.debian.org/News/2014/20140424.html My take - upgrade is overdue. --Amos On 26 September 2014 08:56, Chris Barnes chris.p.bar...@gmail.com wrote: Hey people, I haven't seen an update for BASH come down in the Debian Squeeze security updates. As a result my machines are still vulnerable. My Debian 7 machines received the update promptly just not my 6 machines. Has anyone else received an update for BASH on Deb 6? Im using the security.Debian.org apt source for security updates. -- Kind Regards, Christopher Barnes e. chris.p.bar...@gmail.com -- SLUG - Sydney Linux User's Group Mailing List - http://slug.org.au/ Subscription info and FAQs: http://slug.org.au/faq/mailinglists.html -- http://au.linkedin.com/in/gliderflyer -- SLUG - Sydney Linux User's Group Mailing List - http://slug.org.au/ Subscription info and FAQs: http://slug.org.au/faq/mailinglists.html
Re: [SLUG] BASH update for Debian 6?
ahh thats the info i was looking for. Thanks Amos. You're right, upgrade is overdue. On Fri, Sep 26, 2014 at 10:23 AM, Amos Shapira amos.shap...@gmail.com wrote: According to https://wiki.debian.org/DebianSqueeze, regular security updates for squeeze were ended on May 31st 2014. LTS security updates are supposed to be released until 2016. LTS support is NOT provided by Debian security team. See the LTS announcement in https://www.debian.org/News/2014/20140424.html My take - upgrade is overdue. --Amos On 26 September 2014 08:56, Chris Barnes chris.p.bar...@gmail.com wrote: Hey people, I haven't seen an update for BASH come down in the Debian Squeeze security updates. As a result my machines are still vulnerable. My Debian 7 machines received the update promptly just not my 6 machines. Has anyone else received an update for BASH on Deb 6? Im using the security.Debian.org apt source for security updates. -- Kind Regards, Christopher Barnes e. chris.p.bar...@gmail.com -- SLUG - Sydney Linux User's Group Mailing List - http://slug.org.au/ Subscription info and FAQs: http://slug.org.au/faq/mailinglists.html -- http://au.linkedin.com/in/gliderflyer -- Kind Regards, Christopher Barnes e. chris.p.bar...@gmail.com -- SLUG - Sydney Linux User's Group Mailing List - http://slug.org.au/ Subscription info and FAQs: http://slug.org.au/faq/mailinglists.html
Re: [SLUG] BASH update for Debian 6?
General question to everyone reading this - I have an idea for a service to provide tracking of such info (end of life, software life cycle) automatically. If anyone is curios to hear more, discuss or anything else, I'd be very happy to hear from you. Thanks. --Amos On 26 September 2014 10:28, Chris Barnes chris.p.bar...@gmail.com wrote: ahh thats the info i was looking for. Thanks Amos. You're right, upgrade is overdue. On Fri, Sep 26, 2014 at 10:23 AM, Amos Shapira amos.shap...@gmail.com wrote: According to https://wiki.debian.org/DebianSqueeze, regular security updates for squeeze were ended on May 31st 2014. LTS security updates are supposed to be released until 2016. LTS support is NOT provided by Debian security team. See the LTS announcement in https://www.debian.org/News/2014/20140424.html My take - upgrade is overdue. --Amos On 26 September 2014 08:56, Chris Barnes chris.p.bar...@gmail.com wrote: Hey people, I haven't seen an update for BASH come down in the Debian Squeeze security updates. As a result my machines are still vulnerable. My Debian 7 machines received the update promptly just not my 6 machines. Has anyone else received an update for BASH on Deb 6? Im using the security.Debian.org apt source for security updates. -- Kind Regards, Christopher Barnes e. chris.p.bar...@gmail.com -- SLUG - Sydney Linux User's Group Mailing List - http://slug.org.au/ Subscription info and FAQs: http://slug.org.au/faq/mailinglists.html -- http://au.linkedin.com/in/gliderflyer -- Kind Regards, Christopher Barnes e. chris.p.bar...@gmail.com -- http://au.linkedin.com/in/gliderflyer -- SLUG - Sydney Linux User's Group Mailing List - http://slug.org.au/ Subscription info and FAQs: http://slug.org.au/faq/mailinglists.html
Re: [SLUG] BASH update for Debian 6?
I'm keen to hear your idea Amos. On Fri, Sep 26, 2014 at 10:32 AM, Amos Shapira amos.shap...@gmail.com wrote: General question to everyone reading this - I have an idea for a service to provide tracking of such info (end of life, software life cycle) automatically. If anyone is curios to hear more, discuss or anything else, I'd be very happy to hear from you. Thanks. --Amos On 26 September 2014 10:28, Chris Barnes chris.p.bar...@gmail.com wrote: ahh thats the info i was looking for. Thanks Amos. You're right, upgrade is overdue. On Fri, Sep 26, 2014 at 10:23 AM, Amos Shapira amos.shap...@gmail.com wrote: According to https://wiki.debian.org/DebianSqueeze, regular security updates for squeeze were ended on May 31st 2014. LTS security updates are supposed to be released until 2016. LTS support is NOT provided by Debian security team. See the LTS announcement in https://www.debian.org/News/2014/20140424.html My take - upgrade is overdue. --Amos On 26 September 2014 08:56, Chris Barnes chris.p.bar...@gmail.com wrote: Hey people, I haven't seen an update for BASH come down in the Debian Squeeze security updates. As a result my machines are still vulnerable. My Debian 7 machines received the update promptly just not my 6 machines. Has anyone else received an update for BASH on Deb 6? Im using the security.Debian.org apt source for security updates. -- Kind Regards, Christopher Barnes e. chris.p.bar...@gmail.com -- SLUG - Sydney Linux User's Group Mailing List - http://slug.org.au/ Subscription info and FAQs: http://slug.org.au/faq/mailinglists.html -- http://au.linkedin.com/in/gliderflyer -- Kind Regards, Christopher Barnes e. chris.p.bar...@gmail.com -- http://au.linkedin.com/in/gliderflyer -- Kind Regards, Christopher Barnes e. chris.p.bar...@gmail.com -- SLUG - Sydney Linux User's Group Mailing List - http://slug.org.au/ Subscription info and FAQs: http://slug.org.au/faq/mailinglists.html
Re: [SLUG] BASH update for Debian 6?
For some of my debian 6 test boxes I did wget http://security.debian.org/debian-security/pool/updates/main/e/eglibc/multiarch-support_2.13-38+deb7u4_amd64.deb wget http://ftp.us.debian.org/debian/pool/main/n/ncurses/libtinfo5_5.9-10_amd64.deb wget http://security.debian.org/debian-security/pool/updates/main/b/bash/bash_4.2+dfsg-0.1+deb7u3_amd64.deb dpkg -i multiarch-support_2.13-38+deb7u4_amd64.deb dpkg -i libtinfo5_5.9-10_amd64.deb dpkg -i bash_4.2+dfsg-0.1+deb7u3_amd64.deb On Fri, Sep 26, 2014 at 10:36 AM, Chris Barnes chris.p.bar...@gmail.com wrote: I'm keen to hear your idea Amos. On Fri, Sep 26, 2014 at 10:32 AM, Amos Shapira amos.shap...@gmail.com wrote: General question to everyone reading this - I have an idea for a service to provide tracking of such info (end of life, software life cycle) automatically. If anyone is curios to hear more, discuss or anything else, I'd be very happy to hear from you. Thanks. --Amos On 26 September 2014 10:28, Chris Barnes chris.p.bar...@gmail.com wrote: ahh thats the info i was looking for. Thanks Amos. You're right, upgrade is overdue. On Fri, Sep 26, 2014 at 10:23 AM, Amos Shapira amos.shap...@gmail.com wrote: According to https://wiki.debian.org/DebianSqueeze, regular security updates for squeeze were ended on May 31st 2014. LTS security updates are supposed to be released until 2016. LTS support is NOT provided by Debian security team. See the LTS announcement in https://www.debian.org/News/2014/20140424.html My take - upgrade is overdue. --Amos On 26 September 2014 08:56, Chris Barnes chris.p.bar...@gmail.com wrote: Hey people, I haven't seen an update for BASH come down in the Debian Squeeze security updates. As a result my machines are still vulnerable. My Debian 7 machines received the update promptly just not my 6 machines. Has anyone else received an update for BASH on Deb 6? Im using the security.Debian.org apt source for security updates. -- Kind Regards, Christopher Barnes e. chris.p.bar...@gmail.com -- SLUG - Sydney Linux User's Group Mailing List - http://slug.org.au/ Subscription info and FAQs: http://slug.org.au/faq/mailinglists.html -- http://au.linkedin.com/in/gliderflyer -- Kind Regards, Christopher Barnes e. chris.p.bar...@gmail.com -- http://au.linkedin.com/in/gliderflyer -- Kind Regards, Christopher Barnes e. chris.p.bar...@gmail.com -- SLUG - Sydney Linux User's Group Mailing List - http://slug.org.au/ Subscription info and FAQs: http://slug.org.au/faq/mailinglists.html -- SLUG - Sydney Linux User's Group Mailing List - http://slug.org.au/ Subscription info and FAQs: http://slug.org.au/faq/mailinglists.html