The other positive spin-off is the general public are now aware of Linux as an OS - as opposed to the common misconception that it's only Windows and Mac!karlchen wrote:Well, the hype about the recent bash vulnerabilities might have a positive side effect, in case it makes more users aware thatniowluka wrote:A beacon of light in the darnkess of utter media madness...nomko wrote:Another crappy story that has been blown up out of proportion....
+ 100% security does not exist
+ not even on a Linux system
+ applying security fixes is a MUST, not merely an option.
Main Edition: BASH vulnerability a.k.a. 'Shellshock'
Forum rules
Section reserved for the team. You can reply to announcements here but not post new topics. Do not add support questions to threads here, use the appropriate support forum instead.
Section reserved for the team. You can reply to announcements here but not post new topics. Do not add support questions to threads here, use the appropriate support forum instead.
Re: Recent bash vulnerability and patch questions
Re: Recent bash vulnerability and patch questions
Well, if the general public form their opinions about Linux on the latest headlines, then this is definitely not a 'positive' spin off...baldrick.777 wrote:The other positive spin-off is the general public are now aware of Linux as an OS - as opposed to the common misconception that it's only Windows and Mac!
Re: Recent bash vulnerability and patch questions
They say any publicity is good publicity.niowluka wrote: Well, if the general public form their opinions about Linux on the latest headlines, then this is definitely not a 'positive' spin off...
shellshock/BASH on very old Mint
Sorry for starting yet another thread on the BASH topic but I have very little exposure to Linux. My father in law has a computer purchased in about 2008/9 which runs an Eldy front end over Mint Linux. Eldy is a simplified SW interface designed for old people he is familiar with it and it does all he needs so no desire to change that.
My question is whether there will be anyway to patch a BASH fix onto this PC without a complete Linux install. I really don't want to go down that route as I am not certain on Eldy support for later versions etc. I cant afford to trash his PC as it is an important link to the outside world for him and he makes heavy use of it.
Any guidance gratefully received.
My question is whether there will be anyway to patch a BASH fix onto this PC without a complete Linux install. I really don't want to go down that route as I am not certain on Eldy support for later versions etc. I cant afford to trash his PC as it is an important link to the outside world for him and he makes heavy use of it.
Any guidance gratefully received.
Re: Main Edition: BASH vulnerability a.k.a. 'Shellshock'
First of all, this bash issue is only important for Server. Not for the home edition of Linux. Even without a fix, your father is safe.
This said, you did not give us the version of Linux Mint his computer is running. If it's an obsolete version, then bash is the last of your problem since your father is facing a lot of other security breaks...
This said, you did not give us the version of Linux Mint his computer is running. If it's an obsolete version, then bash is the last of your problem since your father is facing a lot of other security breaks...
Re: Main Edition: BASH vulnerability a.k.a. 'Shellshock'
Servers; local area networks with multiple users, they will be vulnerable!
G.
G.
Re: Main Edition: BASH vulnerability a.k.a. 'Shellshock'
I'm running Linux Mint 17 XFCE edition is there any updates and should i even be using my pc im worry about The Bash Security Threat
Re: Main Edition: BASH vulnerability a.k.a. 'Shellshock'
Please read the first post on this topic.cold39 wrote:I'm running Linux Mint 17 XFCE edition is there any updates and should i even be using my pc im worry about The Bash Security Threat
Re: Main Edition: BASH vulnerability a.k.a. 'Shellshock'
Looks like the aftershocks aren't over yet... We got CVE-2014-6277 and CVE-2014-6278 now.
Re: Main Edition: BASH vulnerability a.k.a. 'Shellshock'
Oh noes!
the swiss-cheese shell?
the swiss-cheese shell?
Re: Main Edition: BASH vulnerability a.k.a. 'Shellshock'
Sorry, I just was responding to someone who went off topic.. but I will stay on topic from here.Pilosopong Tasyo wrote:I'm reminding present participants to stay on-topic. If you have any issue that doesn't have anything to do with the theme of this thread, kindly create a new one in the appropriate section and address it there. Thank you.
Re: Main Edition: BASH vulnerability a.k.a. 'Shellshock'
slick work lads - many thanks!
Re: Main Edition: BASH vulnerability a.k.a. 'Shellshock'
Please, note that a few posts which - triggered by the fact that obsolete Mint releases will not get a bug-fixed bash - were more about disappointment and dissatisfaction with the Linux Mint life cycles than about 'shellshock' have been moved into a new thread: Linux Mint Life Cycles
The people of Alderaan have been bravely fighting back the clone warriors sent out by the unscrupulous Sith Lord Palpatine for 792 days now.
Lifeline
- Spearmint2
- Level 16
- Posts: 6900
- Joined: Sat May 04, 2013 1:41 pm
- Location: Maryland, USA
Re: Main Edition: BASH vulnerability a.k.a. 'Shellshock'
the thread
Still using Linux Mint 14, 15, or 16? Upgrade to 17 asap!
is locked,
so perhaps a moderator would add a mention to end of it about BASH "shellshocked" and how that makes it IMPERATIVE to upgrade to Mint 17 and fully upgrade it.
Still using Linux Mint 14, 15, or 16? Upgrade to 17 asap!
is locked,
so perhaps a moderator would add a mention to end of it about BASH "shellshocked" and how that makes it IMPERATIVE to upgrade to Mint 17 and fully upgrade it.
All things go better with Mint. Mint julep, mint jelly, mint gum, candy mints, pillow mints, peppermint, chocolate mints, spearmint,....
Re: Main Edition: BASH vulnerability a.k.a. 'Shellshock'
The people of Alderaan have been bravely fighting back the clone warriors sent out by the unscrupulous Sith Lord Palpatine for 792 days now.
Lifeline
Re: Main Edition: BASH vulnerability a.k.a. 'Shellshock'
for the life of me, I can't figure why with such a critical vulnerability, it was given an urgency of medium.
forgive me if that's off-topic.
Code: Select all
apt-get changelog bash | less
...
bash (4.3-7ubuntu1.4) trusty-security; urgency=medium
Re: Main Edition: BASH vulnerability a.k.a. 'Shellshock'
Because it's not a critical vulnerability ?Habitual wrote:for the life of me, I can't figure why with such a critical vulnerability, it was given an urgency of medium.
Re: Main Edition: BASH vulnerability a.k.a. 'Shellshock'
to quote the opening post of this thread:niowluka wrote:Because it's not a critical vulnerability ?Habitual wrote:for the life of me, I can't figure why with such a critical vulnerability, it was given an urgency of medium.
"The bash vulnerability primarily affects users running server software that uses shell scripts (e.g., Apache web server with CGI scripts), where the shell scripts are poorly written (no sanitizing of user input; rookie web developer mistake), the user has changed the default sh shell from dash to bash (that's right; bash isn't the default sh shell), and the server software is reachable from the Internet.
In other words, as home users not running any server software that is reachable from the Internet, this bash vulnerability doesn't immediately affect you."
so Not A Big Deal for 99.9% of us
Peter
Mate desktop https://wiki.debian.org/MATE
Debian GNU/Linux operating system: https://www.debian.org/download
Mate desktop https://wiki.debian.org/MATE
Debian GNU/Linux operating system: https://www.debian.org/download
Re: Main Edition: BASH vulnerability a.k.a. 'Shellshock'
Well, when you put it that way
- Spearmint2
- Level 16
- Posts: 6900
- Joined: Sat May 04, 2013 1:41 pm
- Location: Maryland, USA
Re: Recent bash vulnerability and patch questions
True, Windows seems to thrive on bad news. Maybe there's something to it. It makes the user feel more "needed" by his operating system? Or, if my OS is a bigger failure than I am, I'm not doing too bad after all? Probably some sort of reverse psychological thing.baldrick.777 wrote:They say any publicity is good publicity.niowluka wrote: Well, if the general public form their opinions about Linux on the latest headlines, then this is definitely not a 'positive' spin off...
All things go better with Mint. Mint julep, mint jelly, mint gum, candy mints, pillow mints, peppermint, chocolate mints, spearmint,....