Schlumberger-Private
________________________________
The version of bash in the genesis kernel is potentially vulnerable – though it
probably isn’t exploitable in the out-of-the-box configuration.
Are there any plans to update the genesis image?
I for one will be replacing the genesis version of bash with a patched version
so that I feel more comfortable (and keep my managers happy).
Mark
From: Lissa Valletta [mailto:[email protected]]
Sent: 30 September 2014 12:27
To: xCAT Users Mailing list
Subject: [xcat-user] Bash vulnerabilities (CVE-2014-6271, CVE-2014-7169,
CVE-2014-7186, CVE-2014-7187, CVE-2014-6277, and CVE-2014-6278)
Title: Extreme Cloud Administration Toolkit (xCAT) is not affected by the Bash
vulnerabilities (CVE-2014-6271, CVE-2014-7169, CVE-2014-7186, CVE-2014-7187,
CVE-2014-6277, and CVE-2014-6278)
Flash (Alert)
Abstract
Extreme Cloud Administration Toolkit (xCAT)is not vulnerable to the Bash
vulnerabilities that have been referred to as “Bash Bug” or “Shellshock” and
the two memory corruption vulnerabilities.
Content
• Extreme Cloud Administration Toolkit (xCAT) in all editions and all platforms
is NOT vulnerable to the Bash vulnerabilities (CVE-2014-6271, CVE-2014-7169,
CVE-2014-7186, CVE-2014-7187, CVE-2014-6277, and CVE-2014-6278).
Remediation: Check your OS for recommended patches.
Lissa K. Valletta
8-3/B10
Poughkeepsie, NY 12601
(tie 293) 433-3102
------------------------------------------------------------------------------
Meet PCI DSS 3.0 Compliance Requirements with EventLog Analyzer
Achieve PCI DSS 3.0 Compliant Status with Out-of-the-box PCI DSS Reports
Are you Audit-Ready for PCI DSS 3.0 Compliance? Download White paper
Comply to PCI DSS 3.0 Requirement 10 and 11.5 with EventLog Analyzer
http://pubads.g.doubleclick.net/gampad/clk?id=154622311&iu=/4140/ostg.clktrk
_______________________________________________
xCAT-user mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/xcat-user
