Re: Shellshock: Has CVE-2014-7186 and CVE-2014-7187 been addressed for debian
On Sun, 28 Sep 2014 06:33:13 +1000
Andrew McGlashan <andrew.mcglashan@affinityvision.com.au> wrote:
> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA256
>
> On 28/09/2014 4:29 AM, Martin Holub wrote:
> > Please according to the Security Tracker [1,2] booth are fixed in
> > stable and oldstable.
>
> NOT QUITE ..... fixed in stable [wheezy]
> and "oldstable-LTS" [squeeze-lts] ....
>
>
> BUT NOT oldstable [squeeze] it is NOT fixed,
> nor is it still supported. :(
>
But just add the right incantations to sources.list and all will be
well.
--
Joe
Reply to: