http://web.nvd.nist.gov/view/vuln/de...=CVE-2014-7169
The patch for CVE-2014-6271 did not prevent all exploits, CVE-2014-7169 was assigned to another method.
Debian released another updated bash package to address CVE-2014-7169 about 15 hours ago.
If you updated your bash before that time or near that time you likely need to update again.
To update only bash this command works well:
I've seen numerous exploit attempts in many web server logs, patch quickly!
The patch for CVE-2014-6271 did not prevent all exploits, CVE-2014-7169 was assigned to another method.
Debian released another updated bash package to address CVE-2014-7169 about 15 hours ago.
If you updated your bash before that time or near that time you likely need to update again.
To update only bash this command works well:
Code:
apt-get update && apt-get install --only-upgrade bash -y