[Novalug] bash vulnerability bug

Zachary Zebrowski zak.zebrowski@gmail.com
Thu Sep 25 10:36:44 EDT 2014


not that way...

sudo apt-get update ; sudo apt-get upgrade ; sudo apt-get dist-upgrade



On Thu, Sep 25, 2014 at 10:30 AM, Ed James via Novalug <
novalug@firemountain.net> wrote:

> No joy.  I don't suppose all I need to do on my Ubuntu boxen is like:
>
>    sudo apt-get update bash
>
> ?
>
> Nah - can't possibly be *that* easy.
>
>
> And I'm still hazy if it matters to me - my daily driver doesn't do any
> server chores (at least, not that I know of) and I'm behind 3 firewalls.
> Has anyone "here" found the vulnerability on their machine, updated bash,
> and found it totally fixed?
>
> ​Ed James​
>
> On Thu, Sep 25, 2014 at 9:57 AM, Bonnie Dalzell via Novalug <
> novalug@firemountain.net> wrote:
>
> > ​...
> >
>
>
> > Detecting vulnerable versions
> >
> > To test if your version of Bash is vulnerable to this issue, run the
> > following command:
> >
> > $ env x='() { :;}; echo vulnerable'  bash -c "echo this is a test"
> >
> > If the output of the above command looks as follows:
> >
> > vulnerable
> > this is a test
> > ​...
> >
> **********************************************************************
> The Novalug mailing list is hosted by firemountain.net.
>
> To unsubscribe or change delivery options:
> http://www.firemountain.net/mailman/listinfo/novalug



More information about the Novalug mailing list