Hi Eric,
The lx-brand images are typically built from a base install and won't necessarily have all the updates. You will need to ensure you get the latest updates via `apt-get update`. However, we're working on a release of the lx-brand images where an update occurs as part of the build process. This should ensure you get most of the package updates at the time of the image build. --Christopher Horrell Manager, Solutions Engineering Joyent Inc. http://www.joyent.com/ On Thu, Aug 13, 2015 at 1:27 AM, Eric <[email protected]> wrote: > Is it just me or is the lx-ubuntu-14.04 > (a21a64a0-0809-11e5-a64f-ff80e8e8086f) dataset susceptible to CVE-2014-6271? > *root@60d03697-b6af-4315-bdfb-98ecfac87141:~# env 'x=() { :;}; echo > vulnerable' 'BASH_FUNC_x()=() { :;}; echo vulnerable' bash -c "echo > test"vulnerablebash: BASH_FUNC_x(): line 0: syntax error near unexpected > token `)'bash: BASH_FUNC_x(): line 0: `BASH_FUNC_x() () { :;}; echo > vulnerable'bash: error importing function definition for > `BASH_FUNC_x'testroot@60d03697-b6af-4315-bdfb-98ecfac87141:~# * > *root@60d03697-b6af-4315-bdfb-98ecfac87141:/tmp# cd /tmp; rm -f /tmp/echo; > env 'x=() { (a)=>\' bash -c "echo date"; cat /tmp/echobash: x: line 1: > syntax error near unexpected token `='bash: x: line 1: `'bash: error > importing function definition for `x'Thu Aug 13 05:25:41 UTC > 2015root@60d03697-b6af-4315-bdfb-98ecfac87141:/tmp#* > On Tue, Aug 11, 2015 at 3:39 PM, Christopher Horrell <[email protected] >> wrote: >> Hi everyone, >> >> We just released the following Container-native (lx-brand) and KVM images >> to images.joyent.com and the Joyent Public Cloud: >> >> lx-brand: >> centos-6 20150811 3011c3ce-3fc4-11e5-8e79-0f90655d04bf >> >> KVM >> centos-6 20150811 234c4a6e-402e-11e5-a311-8bc6aad0d65f >> >> Documentation and release notes for the lx-brand image can be found here: >> >> https://docs.joyent.com/images/lx-brand-beta/centos >> >> And for the KVM image, here: >> >> https://docs.joyent.com/images/kvm/linux/centos >> >> >> Regards, >> >> -- >> Christopher Horrell >> Manager, Solutions Engineering >> Joyent Inc. >> http://www.joyent.com/ >> *smartos-discuss* | Archives >> <https://www.listbox.com/member/archive/184463/=now> >> <https://www.listbox.com/member/archive/rss/184463/27088356-7e8b0922> | >> Modify >> <https://www.listbox.com/member/?&;> >> Your Subscription <http://www.listbox.com> >> ------------------------------------------- smartos-discuss Archives: https://www.listbox.com/member/archive/184463/=now RSS Feed: https://www.listbox.com/member/archive/rss/184463/25769125-55cfbc00 Modify Your Subscription: https://www.listbox.com/member/?member_id=25769125&id_secret=25769125-7688e9fb Powered by Listbox: http://www.listbox.com
