[CentOS-devel] Critical update for bash was released today.
Karanbir Singh
mail-lists at karan.org
Fri Sep 26 13:34:55 UTC 2014
On 09/25/2014 08:41 PM, Nico Kadel-Garcia wrote:
> Thinking about it, the git CentOS repository could possibly be
> vulnerable, depending on just how the git credentials are managed
> there I'd urge a check.
no shell out happens at git.centos.org
gitweb however, is exposed. As is anything that does a system() call.
--
Karanbir Singh
+44-207-0999389 | http://www.karan.org/ | twitter.com/kbsingh
GnuPG Key : http://www.karan.org/publickey.asc
More information about the CentOS-devel
mailing list