Freshly updated version 4.1.2-15.el6.2 is now in place. Please
update at your earliest convenience.
This package is also not signed, so update with --nogpgcheck
for now.
Gordan
On 2014-09-25 15:23, Chris Szilagyi wrote:
Thank you very much for your quick attention to this.
It sounds like an additional issue was also found and patches are
currently
being worked on upstream:
https://access.redhat.com/security/cve/CVE-2014-7169
Best,
--
Chris
Patched bash package is on the primary server.
It is currently unsigned, so please update with
yum --nogpgcheck update bash
The new version should be 4.1.2-15.el6.1
Gordan
On 2014-09-25 10:55, Gordan Bobic wrote:
In case you haven't heard yet, a serious bash security
vulnerability has been discovered. I will have a new
bash rpm available tonight (not sooner because I haven't
got remote access to the build farm at the moment).
In the meantime, please check your systems and make
sure you don't have anything configured to invoke
bash implicitly or explicitly upon a remote access
(e.g. bash based CGI scripts or programs that issue
shell commands).
Gordan
_______________________________________________
users mailing list
[email protected]
http://lists.redsleeve.org/mailman/listinfo/users
_______________________________________________
users mailing list
[email protected]
http://lists.redsleeve.org/mailman/listinfo/users
_______________________________________________
users mailing list
[email protected]
http://lists.redsleeve.org/mailman/listinfo/users
_______________________________________________
users mailing list
[email protected]
http://lists.redsleeve.org/mailman/listinfo/users
