Re: [smartos-discuss] centos-6-20150811 kvm and lx-brand images now available

Wed, 12 Aug 2015 22:28:13 -0700 

Is it just me or is the lx-ubuntu-14.04
(a21a64a0-0809-11e5-a64f-ff80e8e8086f) dataset susceptible to CVE-2014-6271?








*root@60d03697-b6af-4315-bdfb-98ecfac87141:~# env 'x=() { :;}; echo
vulnerable' 'BASH_FUNC_x()=() { :;}; echo vulnerable' bash -c "echo
test"vulnerablebash: BASH_FUNC_x(): line 0: syntax error near unexpected
token `)'bash: BASH_FUNC_x(): line 0: `BASH_FUNC_x() () { :;}; echo
vulnerable'bash: error importing function definition for
`BASH_FUNC_x'testroot@60d03697-b6af-4315-bdfb-98ecfac87141:~# *






*root@60d03697-b6af-4315-bdfb-98ecfac87141:/tmp# cd /tmp; rm -f /tmp/echo;
env 'x=() { (a)=>\' bash -c "echo date"; cat /tmp/echobash: x: line 1:
syntax error near unexpected token `='bash: x: line 1: `'bash: error
importing function definition for `x'Thu Aug 13 05:25:41 UTC
2015root@60d03697-b6af-4315-bdfb-98ecfac87141:/tmp#*



On Tue, Aug 11, 2015 at 3:39 PM, Christopher Horrell <[email protected]
> wrote:

> Hi everyone,
>
> We just released the following Container-native (lx-brand) and KVM images
> to images.joyent.com and the Joyent Public Cloud:
>
> lx-brand:
>     centos-6         20150811  3011c3ce-3fc4-11e5-8e79-0f90655d04bf
>
> KVM
>     centos-6         20150811  234c4a6e-402e-11e5-a311-8bc6aad0d65f
>
> Documentation and release notes for the lx-brand image can be found here:
>
>     https://docs.joyent.com/images/lx-brand-beta/centos
>
> And for the KVM image, here:
>
>     https://docs.joyent.com/images/kvm/linux/centos
>
>
> Regards,
>
> --
> Christopher Horrell
> Manager, Solutions Engineering
> Joyent Inc.
> http://www.joyent.com/
> *smartos-discuss* | Archives
> <https://www.listbox.com/member/archive/184463/=now>
> <https://www.listbox.com/member/archive/rss/184463/27088356-7e8b0922> |
> Modify
> <https://www.listbox.com/member/?&;>
> Your Subscription <http://www.listbox.com>
>



-------------------------------------------
smartos-discuss
Archives: https://www.listbox.com/member/archive/184463/=now
RSS Feed: https://www.listbox.com/member/archive/rss/184463/25769125-55cfbc00
Modify Your Subscription: 
https://www.listbox.com/member/?member_id=25769125&id_secret=25769125-7688e9fb
Powered by Listbox: http://www.listbox.com

Reply via email to