[Koha] Important security update for Linux systems

Robin Sheat robin at catalyst.net.nz
Thu Sep 25 14:36:43 NZST 2014


This isn't strictly Koha related, but very important to be aware of
nonetheless. There's a recently announced vulnerability in bash in Linux
which is remotely exploitable.

Some references:
http://www.csoonline.com/article/2687265/application-security/remote-exploit-in-bash-cve-2014-6271.html
http://seclists.org/oss-sec/2014/q3/650
https://lists.debian.org/debian-security-announce/2014/msg00220.html

I'm not aware of any way that Koha makes this easier to exploit, but I
wouldn't be surprised to find that there is one somewhere. So go run
your security updates. Also keep an eye on them over the next couple of
days, I wouldn't be surprised to find a better-fixed version coming out
in the near future.

-- 
Robin Sheat
Catalyst IT Ltd.
✆ +64 4 803 2204
GPG: 5FA7 4B49 1E4D CAA4 4C38  8505 77F5 B724 F871 3BDF



More information about the Koha mailing list