trinity-users@lists.pearsoncomputing.net

Message: previous - next
Month: October 2014

Re: [trinity-users] [OT] shellshock.

From: Felmon Davis <davisf@...>
Date: Sun, 5 Oct 2014 01:56:54 -0400 (EDT)

On Sun, 5 Oct 2014, Michael . wrote:

> I suggest you read this https://www.debian.org/security/2014/dsa-3032,
> .this https://www.debian.org/security/2014/dsa-3035, and this
> https://security-tracker.debian.org/tracker/CVE-2014-7169

alright, apt-cache policy bash says in part:

bash:
   Installed: 4.2+dfsg-0.1+deb7u3
   Candidate: 4.2+dfsg-0.1+deb7u3
   Version table:
  *** 4.2+dfsg-0.1+deb7u3 0

so I'm covered.

F.

>
>
> On 5 October 2014 14:38, Felmon Davis <davisf@...> wrote:
>
>> greets!
>>
>> just hoping for confirmation one way or the other: I've upgraded wheezy
>> and bash --version says
>>
>> GNU bash, version 4.2.37(1)-release (i486-pc-linux-gnu)
>>
>> when I run the shellshock test script:
>>
>> env x='() { :;}; echo vulnerable' bash -c "echo this is a test"
>>
>> this is what I get:
>>
>> this is a test
>>
>> I think this says I'm fit but I'm not sure.... some sites say there should
>> be an error statement.
>>
>> F.
>>
>>
>> --
>> Felmon Davis
>>
>> It is easier to be wise for others than for oneself.  -- La Rochefoucald

-- 
Felmon Davis

Here are the opinions on which my facts are based.

trinity-users@lists.pearsoncomputing.net

Re: [trinity-users] [OT] shellshock.

powered by ezmlm-www (v1.4.5)