[arm-allstar] bash patch
(KP4TR)Ramon Gonzalez
kp4tr.ramon at gmail.com
Sun Sep 28 07:58:28 EST 2014
Hello,
I'm not sure why you say there is no security concerns with the old
version of bash. There is, and anyone who can try it out can test
themselves.
The patch for Archlinux to patch this vulnerability is simple for the
BBB 1.1 of Archlinux:
1. To test vulnerability, copy and paste this:
env x='() { :;}; echo vulnerable' bash -c "echo If you see the word
vulnerability above, you are"
2. To patch it , just update bash:
pacman -S bash
3. Run step 1, again, and you won't have vulnerability
On 9/28/2014 2:04 AM, David McGough wrote:
> Hi Mark,
>
> We've already got bash updated in the upcoming 1.2 release. But, for those
> running a "stock" 1.1, there are NO current security concerns with the old
> version of bash. By that, I mean there is no way to use bash to exploit
> the system.
>
> The 1.2 release fixes s long list of issues that were present in 1.1. So,
> keep an eye out for this update!
>
>
> 73, David KB4FXC
>
>
> On Sun, 28 Sep 2014, Mark Herson, N2MH wrote:
>
>> Hello to the group!
>>
>> This past week, Dave Cameron, VE7LTD, sent to the IRLP group information
>> about a problem with bash along with various fixes to this problem
>> depending on distro. Will bash be fixed in the new release of AllStar BBB
>> code?
>>
>> 73, Mark, N2MH
>>
>>
>> _______________________________________________
>>
>> arm-allstar mailing list
>> arm-allstar at hamvoip.org
>> http://lists.hamvoip.org/cgi-bin/mailman/listinfo/arm-allstar
>>
>> Visit the BBB web page - http://www.crompton.com/hamradio/BeagleBoneBlackAllstar/
>>
> _______________________________________________
>
> arm-allstar mailing list
> arm-allstar at hamvoip.org
> http://lists.hamvoip.org/cgi-bin/mailman/listinfo/arm-allstar
>
> Visit the BBB web page - http://www.crompton.com/hamradio/BeagleBoneBlackAllstar/
>
More information about the arm-allstar
mailing list