On 26 Sep 2014 at 13:14, Michael D. Setzer II wrote: From: "Michael D. Setzer II" <mikes@xxxxxxxxxxxxxxxx> To: Dave Stevens <geek@xxxxxxxxxxxx>, Community support for Fedora users <users@xxxxxxxxxxxxxxxxxxxxxxx> Date sent: Fri, 26 Sep 2014 13:14:40 +1000 Subject: Re: Heads up: possible BASH security vulnerability Priority: normal Send reply to: Community support for Fedora users <users@xxxxxxxxxxxxxxxxxxxxxxx> Was just rechecking on the bash, and noticed that there are now 30 patches instead of the 25 that were there about 10 days ago. So those that built from the source code might want to build with the new patches included. Not sure if they are related directly to the bug or if are just other patches. The script I used to build is this mkdir bash cd bash ncftpget ftp://ftp.gnu.org/gnu/bash/bash-4.3.tar.gz . tar -zxvf bash-4.3.tar.gz cd bash-4.3 ncftpget ftp://ftp.gnu.org/gnu/bash/bash-4.3-patches/* . for a in bash43-??? ; do patch -p0 <$a ; done ./configure make strip bash #make install bash --version GNU bash, version 4.3.30(1)-release (x86_64-unknown-linux-gnu) Copyright (C) 2013 Free Software Foundation, Inc. License GPLv3+: GNU GPL version 3 or later <http://gnu.org/licenses/gpl.html> > On 25 Sep 2014 at 19:45, Dave Stevens wrote: > > Date sent: Thu, 25 Sep 2014 19:45:52 -0700 > From: Dave Stevens <geek@xxxxxxxxxxxx> > To: Community support for Fedora users > <users@xxxxxxxxxxxxxxxxxxxxxxx>, > Edik Landaveri <elwanka@xxxxxxxxx> > Subject: Re: Heads up: possible BASH security vulnerability > Send reply to: Community support for Fedora users > <users@xxxxxxxxxxxxxxxxxxxxxxx> > > > Quoting Edik Landaveri <elwanka@xxxxxxxxx>: > > > > > #Thu Sep 25 19:11:30 PDT 2014 > > > > > > Debian already released a patch > > > GNU bash, version 4.3.25(1)-release-(x86_64-pc-linux-gnu) > > > > > > I assume Red Hat already have their hands into a patch as well. Just have to > > > wait. > > > > > > I posted a CentOS patch three hours ago, I assume that came from upstream. > > > > > > Dave > > > They seem to have just released a bunch of updates, and it includes the > bash fix. Ran the script to check it before, and after to see that it stops the > issue with bash. Think it was in testing, but now is in updates. > > > > > > > -- > > > users mailing list > > > users@xxxxxxxxxxxxxxxxxxxxxxx > > > To unsubscribe or change subscription options: > > > https://admin.fedoraproject.org/mailman/listinfo/users > > > Fedora Code of Conduct: http://fedoraproject.org/code-of-conduct > > > Guidelines: http://fedoraproject.org/wiki/Mailing_list_guidelines > > > Have a question? Ask away: http://ask.fedoraproject.org > > > > > > > > > > > -- > > Hold my beer while I show you this trick I can do! > > > > > > > > > > > > -- > > users mailing list > > users@xxxxxxxxxxxxxxxxxxxxxxx > > To unsubscribe or change subscription options: > > https://admin.fedoraproject.org/mailman/listinfo/users > > Fedora Code of Conduct: http://fedoraproject.org/code-of-conduct > > Guidelines: http://fedoraproject.org/wiki/Mailing_list_guidelines > > Have a question? Ask away: http://ask.fedoraproject.org > > > +----------------------------------------------------------+ > Michael D. Setzer II - Computer Science Instructor > Guam Community College Computer Center > mailto:mikes@xxxxxxxxxxxxxxxx > mailto:msetzerii@xxxxxxxxx > http://www.guam.net/home/mikes > Guam - Where America's Day Begins > G4L Disk Imaging Project maintainer > http://sourceforge.net/projects/g4l/ > +----------------------------------------------------------+ > > http://setiathome.berkeley.edu (Original) > Number of Seti Units Returned: 19,471 > Processing time: 32 years, 290 days, 12 hours, 58 minutes > (Total Hours: 287,489) > > BOINC@HOME CREDITS > ROSETTA 19981840.971965 | SETI 33950436.647387 > ABC 16613838.513356 | EINSTEIN 34233765.925899 > > -- > users mailing list > users@xxxxxxxxxxxxxxxxxxxxxxx > To unsubscribe or change subscription options: > https://admin.fedoraproject.org/mailman/listinfo/users > Fedora Code of Conduct: http://fedoraproject.org/code-of-conduct > Guidelines: http://fedoraproject.org/wiki/Mailing_list_guidelines > Have a question? Ask away: http://ask.fedoraproject.org +----------------------------------------------------------+ Michael D. Setzer II - Computer Science Instructor Guam Community College Computer Center mailto:mikes@xxxxxxxxxxxxxxxx mailto:msetzerii@xxxxxxxxx http://www.guam.net/home/mikes Guam - Where America's Day Begins G4L Disk Imaging Project maintainer http://sourceforge.net/projects/g4l/ +----------------------------------------------------------+ http://setiathome.berkeley.edu (Original) Number of Seti Units Returned: 19,471 Processing time: 32 years, 290 days, 12 hours, 58 minutes (Total Hours: 287,489) BOINC@HOME CREDITS ROSETTA 20196078.582041 | SETI 34396246.831911 ABC 16613838.513356 | EINSTEIN 36462743.948899 -- users mailing list users@xxxxxxxxxxxxxxxxxxxxxxx To unsubscribe or change subscription options: https://admin.fedoraproject.org/mailman/listinfo/users Fedora Code of Conduct: http://fedoraproject.org/code-of-conduct Guidelines: http://fedoraproject.org/wiki/Mailing_list_guidelines Have a question? Ask away: http://ask.fedoraproject.org
