[CentOS] URGENT! Shellshock fix DOES NOT fix the bug on CentOS 5.4

Johnny Hughes

johnny at centos.org
Mon Sep 29 07:55:29 UTC 2014


On 09/29/2014 01:46 AM, John R Pierce wrote:
> On 9/28/2014 11:39 PM, James Hogarth wrote:
>> https://access.redhat.com/security/cve/CVE-2014-7186
>>
>> Looks like we may find one more bash patch at least yet then.
> 
> per https://rhn.redhat.com/errata/RHSA-2014-1306.htm  the fix for 7187
> and 7186 is already included in the updated fix that was released a
> couple days ago, bash-4.1.2-15.el6_5.2 etc.
> 
> 
> 

That is correct, the latest released update patches all the known issues
so far for all 3 Active versions of CentOS (CentOS-5, CentOS-6,
CentOS-7) and was released within 21 Minutes after the announcement by
RedHat of the RHEL releases.

So, for now, we are all caught up.

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 198 bytes
Desc: OpenPGP digital signature
URL: <http://lists.centos.org/pipermail/centos/attachments/20140929/462f23b4/attachment-0001.sig>


More information about the CentOS mailing list