Print

Print


According to RedHat and NVD there are other potentially affected configurations although Apache is most commonly cited. I would weigh the impact of updating bash on your individual machine vs. being affected by the possible security flaw: if the price you pay of updating bash is minimal then just go ahead and do it.

Ounce of prevention and whatnot… just my $0.02

Sources: https://access.redhat.com/articles/1200223; http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-6271

Ashley Shillinger
Systems Administrator
Research Technology Support Facility 
& Great Lakes Bioenergy Research Center
Michigan State University
603 Wilson Rd 202D East Lansing, MI 48824 
T: 517-353-6794
F: 517-355-6758
E: [log in to unmask]
	




On Sep 26, 2014, at 10:22 AM, Kim Geiger <[log in to unmask]> wrote:

> If it's so all-fired important, how come I can't find anything about it at MSU.edu ?
> 
> Anyway, I'm getting conflicting information from things I'm reading (apocalyptic) versus vendors who are telling me that I don't need to patch because the machine isn't running Apache.
> 
> Is anyone else dealing with this?  Does anyone care to offer an opinion?
> 
> -- 
> Kim Geiger
> WKAR Radio & Television, WKAR.org
> East Lansing, Michigan 
> 517-884-4766