Thank you very much for your quick attention to this. It sounds like an additional issue was also found and patches are currently being worked on upstream:
https://access.redhat.com/security/cve/CVE-2014-7169 Best, -- Chris > Patched bash package is on the primary server. > > It is currently unsigned, so please update with > yum --nogpgcheck update bash > > The new version should be 4.1.2-15.el6.1 > > Gordan > > On 2014-09-25 10:55, Gordan Bobic wrote: >> In case you haven't heard yet, a serious bash security >> vulnerability has been discovered. I will have a new >> bash rpm available tonight (not sooner because I haven't >> got remote access to the build farm at the moment). >> >> In the meantime, please check your systems and make >> sure you don't have anything configured to invoke >> bash implicitly or explicitly upon a remote access >> (e.g. bash based CGI scripts or programs that issue >> shell commands). >> >> Gordan >> _______________________________________________ >> users mailing list >> [email protected] >> http://lists.redsleeve.org/mailman/listinfo/users > _______________________________________________ > users mailing list > [email protected] > http://lists.redsleeve.org/mailman/listinfo/users > _______________________________________________ users mailing list [email protected] http://lists.redsleeve.org/mailman/listinfo/users
