On Thursday 25 Sep 2014 16:38:03 Martin Hepworth wrote: > Centos/RH fix not 100% complete and you'll have to do this again. > > also check if your web servers are running cgi scripts as bash scripts .... > this is a bigger problem in general as it's prone to alsorts of abuse
The real problem with this is not the mainstream Distros. They will issue the patches sooner or later, so it's up to us to apply them. It's all the other devices that aren't under the care of the package maintainers that will remain vulnerable unless the users manually patch them. For example, I very much doubt that my Netgear Stora NAS box will get updated. Netgear haven't issued any updates for years and they don't sell them any more. There must be millions of similar devices out there, eg TVs, routers, network storage, fridges even. Whose going to sort them out? -- Terry Coles -- Next meeting: Bournemouth, Tuesday, 2014-10-07 20:00 Meets, Mailing list, IRC, LinkedIn, ... http://dorset.lug.org.uk/ New thread on mailing list: mailto:dorset@mailman.lug.org.uk How to Report Bugs Effectively: http://goo.gl/4Xue