Re: Shellshock: Has CVE-2014-7186 and CVE-2014-7187 been addressed for debian
On Sun, 28 Sep 2014 06:33:13 +1000
Andrew McGlashan <firstname.lastname@example.org> wrote:
> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA256
> On 28/09/2014 4:29 AM, Martin Holub wrote:
> > Please according to the Security Tracker [1,2] booth are fixed in
> > stable and oldstable.
> NOT QUITE ..... fixed in stable [wheezy]
> and "oldstable-LTS" [squeeze-lts] ....
> BUT NOT oldstable [squeeze] it is NOT fixed,
> nor is it still supported. :(
But just add the right incantations to sources.list and all will be