[CentOS] Critical update for bash released today.

Fri Sep 26 06:28:27 UTC 2014
James Hogarth <james.hogarth at gmail.com>

On 26 Sep 2014 05:46, "Cliff Pratt" <enkiduonthenet at gmail.com> wrote:
>
> Take the case of an Apache Bash CGI. This will have been loaded when
Apache
> started, so Apache will have to be restarted to get the new one. There may
> be other similar cases. So the best thing is to reboot.
>

This is false and a major misunderstanding of the vulnerability.

1) the vulnerability is just during initialisation of bash. Once it is
running it is beyond the vulnerable stage and needs no restarting
2) in a CGI of #!/bin/bash or for a system call with any other language for
CGI bash gets executed on demand... It does not do what you say...