On Centos/Redhat yum update
The current patch solves the worst of it as I understand, another patch should be out shortly as well. On Thu, Sep 25, 2014 at 2:42 PM, Ty Featherling via Af <[email protected]> wrote: > Noob question but how can I easiest update my linux boxes to get the latest > patches? > > -Ty > > On Thu, Sep 25, 2014 at 1:59 PM, Josh Reynolds via Af <[email protected]> wrote: >> >> Upgraded our systems at 6am yesterday for this. Also pulled the bash .deb >> out of debian-stable/security for our ubiquiti edgerouters. (I made on a >> post on the UBNT forum with the CVE info yesterday.) >> >> Side note: TONS of things are affected by this... >> >> Josh Reynolds, Chief Information Officer >> SPITwSPOTS, www.spitwspots.com >> >> On 09/25/2014 10:25 AM, Peter Kranz via Af wrote: >> >> PS.. This vulnerability can be exploited via HTTP/Apache attack vectors, >> so you need to patch any vulnerable system running Apache. >> >> Peter Kranz >> Founder/CEO - Unwired Ltd >> www.UnwiredLtd.com >> Desk: 510-868-1614 x100 >> Mobile: 510-207-0000 >> [email protected] >> >> -----Original Message----- >> From: Af [mailto:[email protected]] On Behalf Of >> Matt via Af >> Sent: Thursday, September 25, 2014 10:27 AM >> To: [email protected] >> Subject: [AFMUG] Bash specially-crafted environment variables code >> injection attack >> >> Bash specially-crafted environment variables code injection attack >> >> >> https://securityblog.redhat.com/2014/09/24/bash-specially-crafted-environment-variables-code-injection-attack/ >> >> >
