Re: [Rockies-Edu] Shell Vulnerabilities
Re: [Rockies-Edu] Shell Vulnerabilities
- Subject: Re: [Rockies-Edu] Shell Vulnerabilities
- From: Daniel De Jesus <email@hidden>
- Date: Mon, 29 Sep 2014 16:15:35 -0600
Bash Updates just made available.
OS X bash Update 1.0 may be obtained from the following webpages:
http://support.apple.com/kb/DL1767 OS X Lion
http://support.apple.com/kb/DL1768 OS X Mountain Lion
http://support.apple.com/kb/DL1769 OS X Mavericks
Daniel De Jesus
Technology Department
Cheyenne Mountain School District 12
Cell : (719) 499-3648
Office : (719) 328-1236
email@hidden writes:
>I used that same patch on Snow Leopard and it worked.
>
>On Fri, Sep 26, 2014 at 10:59 AM, Hoffman, Kevin <[
>mailto:email@hidden ]email@hidden> wrote:
>
>
>
>Hi All,
>
>
>I've been checking [ http://ftp.gnu.org/gnu/bash/
>]http://ftp.gnu.org/gnu/bash/ and as of now on 9/26, it looks like
>there's still no official bash patch that addresses CVE-2014-7169.
>
>
>So I've decided to try testing the unofficial bash patch that's available:
>
>
>[ http://seclists.org/oss-sec/2014/q3/734
>]http://seclists.org/oss-sec/2014/q3/734
>
>
>Using this as a guide:
>
>
>[ http://alblue.bandlem.com/2014/09/bash-remote-vulnerability.html
>]http://alblue.bandlem.com/2014/09/bash-remote-vulnerability.html
>
>
>My question is, if I'm trying to patch a Lion (10.7.5) system to bash
>3.2.53, does anyone foresee a problem with using Apple's latest "bash-92"
>release (bash 3.2.51(1)) as the basis for patching?
>
>
>I only ask because Apple's "official" bash release on Lion was "bash-84"
>(bash 3.2.48(1)).
>
>
>[ https://opensource.apple.com/release/os-x-1094/
>]https://opensource.apple.com/release/os-x-1094/
>[ https://opensource.apple.com/release/mac-os-x-1075/
>]https://opensource.apple.com/release/mac-os-x-1075/
>
>
>It's hard to imagine there'd be a problem, but just thought I'd ask.
>
>
>Thanks,
>Kevin
>--
>Kevin Hoffman
>Colorado Genetics Lab
>
> _______________________________________________
>Do not post admin requests to the list. They will be ignored.
>Rockies-edu mailing list ([ mailto:email@hidden
>]email@hidden)
>Help/Unsubscribe/Update your Subscription:
>[
>
>This email sent to [ mailto:email@hidden ]email@hidden
>
>
>
> _______________________________________________
>Do not post admin requests to the list. They will be ignored.
>Rockies-edu mailing list (email@hidden)
>Help/Unsubscribe/Update your Subscription:
>
>This email sent to email@hidden
_______________________________________________
Do not post admin requests to the list. They will be ignored.
Rockies-edu mailing list (email@hidden)
Help/Unsubscribe/Update your Subscription:
This email sent to email@hidden