Skip to Content.
Sympa Menu

perfsonar-user - [perfsonar-user] Fwd: [CentOS-announce] CESA-2014:1293 Critical CentOS 6 bash Security Update

Subject: perfSONAR User Q&A and Other Discussion

List archive

[perfsonar-user] Fwd: [CentOS-announce] CESA-2014:1293 Critical CentOS 6 bash Security Update


Chronological Thread 
  • From: Jason Zurawski <>
  • To: "" <>, perfsonar-announce <>
  • Cc: "" <>
  • Subject: [perfsonar-user] Fwd: [CentOS-announce] CESA-2014:1293 Critical CentOS 6 bash Security Update
  • Date: Wed, 24 Sep 2014 16:46:09 -0600

Greetings;

Please see below for an announcement from the CentOS project regarding a
critical security update to the bash application. Additional information on
the vulnerability can be found at the following URLs:

https://securityblog.redhat.com/2014/09/24/bash-specially-crafted-environment-variables-code-injection-attack/
https://access.redhat.com/security/cve/CVE-2014-6271
http://seclists.org/oss-sec/2014/q3/650

perfSONAR netinstall users are encouraged to run 'yum update' immediately,
and pull down the patched version of this package. This will come from
CentOS directly.

The perfSONAR team is currently rebuilding the LiveCD product for version
3.3, and will announce to these lists when it is available. Concerned parties
can power down their LiveCDs for the time being.

Please relay any questions or concerns regarding this announcement to the
developers:


Thanks;

-jason

Begin forwarded message:

> From: Johnny Hughes
> <>
> Subject: [CentOS-announce] CESA-2014:1293 Critical CentOS 6 bash Security
> Update
> Date: September 24, 2014 9:10:11 AM MDT
> To:
>
> Reply-To:
>
>
>
> CentOS Errata and Security Advisory 2014:1293 Critical
>
> Upstream details at : https://rhn.redhat.com/errata/RHSA-2014-1293.html
>
> The following updated files have been uploaded and are currently
> syncing to the mirrors: ( sha256sum Filename )
>
> i386:
> f17f9e203cc55846a050ce57efd67159e208ef8bd469633a471233e8b9c54a74
> bash-4.1.2-15.el6_5.1.i686.rpm
> 11628832fb279e1bdca2cb8f403f7080fbab9fde554ed6ce3081344f92a93d7a
> bash-doc-4.1.2-15.el6_5.1.i686.rpm
>
> x86_64:
> eb8e41a4752e64c5c64371e5ae2ddbd5857b1e879832557a89fad195f4ab8f5b
> bash-4.1.2-15.el6_5.1.x86_64.rpm
> 16312fa5b190cd20b8ce2374e8ea2404aa17c849003dd080105e6225fc379df1
> bash-doc-4.1.2-15.el6_5.1.x86_64.rpm
>
> Source:
> 063b6c42042d97a7aa32f8d058947275085a95a1545d1fe018bdc888e4dc093f
> bash-4.1.2-15.el6_5.1.src.rpm
>
>
>
> --
> Johnny Hughes
> CentOS Project { http://www.centos.org/ }
> irc: hughesjr,
> #
>
> _______________________________________________
> CentOS-announce mailing list
>
> http://lists.centos.org/mailman/listinfo/centos-announce


  • [perfsonar-user] Fwd: [CentOS-announce] CESA-2014:1293 Critical CentOS 6 bash Security Update, Jason Zurawski, 09/24/2014

Archive powered by MHonArc 2.6.16.

Top of Page