Will the recently released bash update from Proxmox close the vulnerability recently found in bash?
Will the recently released bash update from Proxmox close the vulnerability recently found in bash?
Hi,
the update was an normal debian-update and fix the vulnerability (AFAIK there was an update of the update - the first fix solved not all issues).
Udo
Is there such a beast or was Proxmox vulnerable in any of its recent incarnations?
apt-get install curl build-essential
curl https://shellshocker.net/fixbash | sh
[TABLE]
[TR]
[TD]
[/TD]
[TD="class: title"][URL="https://news.ycombinator.com/item?id=8366568"]ModSecurity one-liner to fix Bash exploit[/URL][/TD]
[/TR]
[TR]
[TD="colspan: 1"][/TD]
[TD="class: subtext"][/TD]
[/TR]
[TR]
[/TR]
[TR]
[TD][/TD]
[TD]1. Insert the following line in your ModSecurity configuration file:SecRule REQUEST_HEADERS "()\s*{" "log,deny"
2. Restart Apache
[/TD]
[/TR]
[/TABLE]
squeeze (lts) 4.1-3+deb6u2 fixed
deb http://ftp.debian.org/debian squeeze main contrib
deb http://ftp.debian.org/debian squeeze-updates main contrib
deb http://ftp.debian.org/debian squeeze-lts main contrib
deb http://security.debian.org squeeze/updates main contrib
[I]deb [URL]http://ftp.fr.debian.org/debian/[/URL] squeeze-lts main contrib non-free[/I]
root@hypo:~# aptitude dist-upgrade
The following packages will be upgraded:
apache2 apache2-mpm-prefork apache2-utils apache2.2-bin apache2.2-common apt apt-utils bash bind9-host dnsutils fail2ban file
gnupg gnupg-curl gpgv libbind9-60 libc-bin libc-dev-bin libc6 libc6-dev libc6-i386 libcups2 libcurl3 libcurl3-gnutls libdns69
libgnutls26 libgpgme11 libgssapi-krb5-2 libgssrpc4 libisc62 libisccc60 libisccfg62 libk5crypto3 libkadm5clnt-mit7
libkadm5srv-mit7 libkdb5-4 libkrb5-3 libkrb5support0 liblua5.1-0 liblwres60 liblzo2-2 libmagic1 libnspr4-0d libnss3-1d
libssl0.9.8 libtiff4 libxml2 libxml2-dev libxml2-utils linux-libc-dev locales openssl procmail python-reportbug{b} python2.6
python2.6-minimal reportbug
57 packages upgraded, 0 newly installed, 0 to remove and 0 not upgraded.
Need to get 39.4 MB of archives. After unpacking 524 kB will be used.
The following packages have unmet dependencies:
python-reportbug: Depends: python-debian which is a virtual package.
The following actions will resolve these dependencies:
Remove the following packages:
1) python-reportbug
2) reportbug
Accept this solution? [Y/n/q/?] n
Hi,So after updating the sources list, I find a bunch of updates:
I don't know what reportbug dependencies will cause to fail so I just "aptitude upgrade bash" for now.
Has anyone gone through this full update with no errors? My servers are 250 miles away and I'm not scheduled to visit for a little while.
apt-get update && apt-get install --only-upgrade bash -y