Re: Critical update for bash released today.

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]



On 09/25/2014 01:49 AM, James Hogarth wrote:
> On 24 Sep 2014 17:12, "Johnny Hughes" <johnny@xxxxxxxxxx> wrote:
>>
>>
>>
>> For informational purposes:
>>
>> https://access.redhat.com/articles/1200223
>>
> 
> As a by heads up that advisory has been updated since the updated packages
> were released.
> 
> The fix in the previous packages is incomplete and there is a new cve being
> tracked as a result:
> 
> https://access.redhat.com/security/cve/CVE-2014-7169

These are now released as well:

CentOS7:
http://lists.centos.org/pipermail/centos-announce/2014-September/020592.html

CentOS6:
http://lists.centos.org/pipermail/centos-announce/2014-September/020593.html

CentOS5:
http://lists.centos.org/pipermail/centos-announce/2014-September/020594.html

*NOTE*:  CentOS-4 has been past End Of Life for a long time (February
2012), and this bash issue is just one of many Critical ones that mean
you should not be running CentOS-4 in production where it in any way
touches the Internet:

http://lists.centos.org/pipermail/centos-announce/2012-February/018462.html

If you absolutely must run an EL4 workload, please do not do it on
CentOS-4 and instead pay for and upgrade to RHEL-4 ELS as described in
the above link from February 2012.  CentOS-4 is unsafe .. don't use it
.. don't do it .. please.


Attachment: signature.asc
Description: OpenPGP digital signature

_______________________________________________
CentOS mailing list
CentOS@xxxxxxxxxx
http://lists.centos.org/mailman/listinfo/centos

[Index of Archives]     [CentOS]     [CentOS Announce]     [CentOS Development]     [CentOS ARM Devel]     [CentOS Docs]     [CentOS Virtualization]     [Carrier Grade Linux]     [Linux Media]     [Asterisk]     [DCCP]     [Netdev]     [Xorg]     [Linux USB]
  Powered by Linux