On 2014-09-09 21:08, Adam Walter wrote:
Our system is not exposed via ssh and there is no way to pass an OS call through the PHP vulnerability side as we do not run PHP. The threat here is minimal. However, we do need to update a few of these, I would like to do an apt-get upgrade this Thursday to true up. I will create a mops ticket to contain the pertinent info. Our regular upgrade cycle will begin October 6th.
Good to know, thanks. -- Jonathan Wiltshire jmw@debian.org Debian Developer http://people.debian.org/~jmw 4096R: 0xD3524C51 / 0A55 B7C5 1223 3942 86EC 74C3 5394 479D D352 4C51 <directhex> i have six years of solaris sysadmin experience, from 8->10. i am well qualified to say it is made from bonghits layered on top of bonghits