Announcement Announcement Module
No announcement yet.
Bash specially-crafted environment variables code injection attack Page Title Module
Move Remove Collapse
Conversation Detail Module
  • Filter
  • Time
  • Show
Clear All
new posts

  • Bash specially-crafted environment variables code injection attack

    A new vulnerability was discovered, details are here:

    Red Hat has released patched versions of Bash that fix CVE-2014-7169. Information regarding these updates can be found in the errata. All customers are strongly encouraged to apply the update as this flaw is being actively attacked in the wild.
    Fedora has also released a patched version of Bash that fixes CVE-2014-7169.

    In order to update to the most recent version of the Bash package run the following command:

    # yum update bash
    Specify the package name in order to update to a particular version of Bash. For example, to update a Red Hat Enterprise Linux 6.5 system run:

    # yum update bash-4.1.2-15.el6_5.1

    Diagnostic Steps

    To determine if a system is affected by this vulnerability, review the version of Bash:

    # rpm -qa bash