<html>
<head>
<style><!--
.hmmessage P
{
margin:0px;
padding:0px
}
body.hmmessage
{
font-size: 12pt;
font-family:Calibri
}
--></style></head>
<body class='hmmessage'><div dir='ltr'><font style="" color="#000000" face="Tahoma,sans-serif">Sorry I did not qualify that. The way to update centos is <br><br>yum update bash<br><br>The current update is:<br><br>Updated:<br> bash.i386 0:3.2-33.el5.1<br><br>This should not require any recompiles. If you have any current bash jobs running you would have to stop and restart them to use the new code or just reboot.<br id="FontBreak"></font><br><b><font style="font-size:16pt;" size="4">73 Doug</font><font style="font-size:16pt;" size="4"><br></font><font style="font-size:16pt;" size="4">WA3DSP</font><font style="font-size:16pt;" size="4"><br></font><font style="font-size:16pt;" size="4">http://www.crompton.com/hamradio</font></b><font style="font-size:16pt;" size="4"><br></font><br><br><div><hr id="stopSpelling">From: doug@crompton.com<br>To: mike@midnighteng.com<br>Date: Thu, 25 Sep 2014 12:27:42 -0400<br>CC: app_rpt-users@ohnosec.org<br>Subject: Re: [App_rpt-users] NEW Security Issues<br><br>
<style><!--
.ExternalClass .ecxhmmessage P {
padding:0px;
}
.ExternalClass body.ecxhmmessage {
font-size:12pt;
font-family:Calibri;
}
--></style>
<div dir="ltr"><font style="" color="#000000" face="Tahoma,sans-serif">Information on Centos Bash update -<br><br><a href="http://centosnow.blogspot.com/2014/09/critical-bash-updates-for-centos-5.html" target="_blank">http://centosnow.blogspot.com/2014/09/critical-bash-updates-for-centos-5.html</a><br><br id="ecxFontBreak"></font><b><font style="font-size:16pt;" size="4">73 Doug</font><font style="font-size:16pt;" size="4"><br></font><font style="font-size:16pt;" size="4">WA3DSP</font><font style="font-size:16pt;" size="4"><br></font><font style="font-size:16pt;" size="4">http://www.crompton.com/hamradio</font></b><font style="font-size:16pt;" size="4"><br></font><br><br><div><hr id="ecxstopSpelling">From: mike@midnighteng.com<br>To: app_rpt-users@ohnosec.org<br>Date: Thu, 25 Sep 2014 08:06:13 -0700<br>Subject: [App_rpt-users] NEW Security Issues<br><br><span style="font-family:Verdana;color:#000000;font-size:10pt;"><div><br></div><div>The increase in recent hack attempts are the result of the resent knowlage of a fundamental bug in bash.</div><div>It was not a big deal till someone published the flaw before some patches could be issued.<br></div><div><br></div><div>Some folks set-ups are vulnerable. If you run HTTP, you certainly are.</div><div><br></div><div>Just a FYI...</div><div><br></div><div>SHELLSHOCK - this is bigger and older than heartbleed.<br></div><div><br></div><div>It is a very big deal for "all" linux systems running http.<br></div><div><br></div><div><a href="http://seclists.org/oss-sec/2014/q3/650" target="_blank">http://seclists.org/oss-sec/2014/q3/650</a> <br></div><div><br></div><div>to check your version of bash, type</div><div><br></div><div>cd /bin</div><div>bash --version</div><div><br></div><div>our acid installs should be at 3.2 </div><div>Remote ssh devices are possibly at risk.</div><div>Current patches may not be entirely effective.</div><div>Much more to be known about this.<br></div><div><br></div><div>google shellshock for more info.<br></div><div><br></div><div>...mike/kb8jnm</div><div><br></div><div><br></div></span>
<br>_______________________________________________
App_rpt-users mailing list
App_rpt-users@ohnosec.org
http://ohnosec.org/cgi-bin/mailman/listinfo/app_rpt-users
To unsubscribe from this list please visit http://ohnosec.org/cgi-bin/mailman/listinfo/app_rpt-users and scroll down to the bottom of the page. Enter your email address and press the "Unsubscribe or edit options button"
You do not need a password to unsubscribe, you can do it via email confirmation. If you have trouble unsubscribing, please send a message to the list detailing the problem.</div> </div>
<br>_______________________________________________
App_rpt-users mailing list
App_rpt-users@ohnosec.org
http://ohnosec.org/cgi-bin/mailman/listinfo/app_rpt-users
To unsubscribe from this list please visit http://ohnosec.org/cgi-bin/mailman/listinfo/app_rpt-users and scroll down to the bottom of the page. Enter your email address and press the "Unsubscribe or edit options button"
You do not need a password to unsubscribe, you can do it via email confirmation. If you have trouble unsubscribing, please send a message to the list detailing the problem.</div> </div></body>
</html>