Re: about bash and Debian Lenny
> Shellshock has such big impact on the internet so please give us Lenny > package. You need to remember that Debian is a project staffed by volunteers, some of whom have already offered packages. If you cannot trust random binaries then the patches are available. If you do have a legitimate reason for not upgrading, then your choices are few - and largely consist of: * Rolling your own packages, via the public patches, which you will then trust. * Finding somebody trustworthy. * Upgrading. My personal response to somebody requesting newer updates has got to be "What is your budget?".. Steve -- http://www.steve.org.uk/
Re: about bash and Debian Lenny
Paul Wise wrote: > On Thu, Oct 2, 2014 at 1:37 AM, Jann Horn wrote: > > > You're doing this the wrong way - as others have already said, upgrade your > > server to a supported release. > > Based on our off-list discussions, Nikolay has valid reasons for not > upgrading. > Oh dear! Pabs, now you've made bursting with curiosity the whole list! Bye, A. Sent from my Sylpheed -- To UNSUBSCRIBE, email to debian-security-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org Archive: https://lists.debian.org/20141002095810.515e684e76b4578fb26b0...@linkspirit.org