Fix may not be complete either:
https://bugzilla.redhat.com/show_bug.cgi?id=1141597#c23
On Thu, Sep 25, 2014 at 11:06 AM, Sebastian Castro
Hi all, This isn't normally a security vuln release list but this one looks
On 25/09/14 10:57 am, Dean Pemberton wrote: pretty bad
A newly discovered vulnerability (CVE-2014-6271) in the Bash command-line interpreter poses a critical security risk to Unix and Linux systems. It allows remote code execution.
NZITF is responding to this remote execution exploit, with a News page that we will be keeping up to date - http://www.nzitf.org.nz/news.html .
There are active scans going on already:
http://blog.erratasec.com/2014/09/bash-shellshock-scan-of-internet.html
We are also reaching out to technical and security community points of contact to raise awareness to the issue and ensure necessary action is taken (hence this email to you). Please note, no patch is yet available for Mac OSX. However, many other patches are available.
So Patch, Patch, Patch.
Regards, Dea _______________________________________________ NZNOG mailing list NZNOG(a)list.waikato.ac.nz http://list.waikato.ac.nz/mailman/listinfo/nznog
-- Sebastian Castro Technical Research Manager .nz Registry Services (New Zealand Domain Name Registry Limited) desk: +64 4 495 2337 mobile: +64 21 400535 _______________________________________________ NZNOG mailing list NZNOG(a)list.waikato.ac.nz http://list.waikato.ac.nz/mailman/listinfo/nznog