Re: about bash and Debian Lenny

[David Dejaeghere <david.dejaeghere@gmail.com>]

What part of:
"Debian GNU/Linux 5.0 has been superseded by Debian 6.0 ("squeeze"). Security updates have been discontinued as of February 6th, 2012. "
http://www.debian.org/releases/lenny/index.en.html

, didnt you understand? :)

There are much more security issues than shellshock alone with Debian Lenny in its current state. If you need to secure your old boxes you will have to look for alternative methods outside of supported packages.  Think about improved firewalling. 

What attack vectors of the shellshock exploit are worrying to you?

Regards,

David

2014-10-01 13:45 GMT+02:00 Nikolay Hristov <geroy@stemo.bg>:

On 10/01/2014 02:37 PM, Izak Burger wrote:

I made lenny packages for my machines. I could share them if you want?

On Wed, Oct 1, 2014 at 1:28 PM, Nikolay Hristov <geroy@stemo.bg> wrote:

Hello there,

I know that this is outdated debian release and it is in the archives but I still have 6 servers running Lenny and I don't want to upgrade them to newer versions for several reasons.
Any chance that we will get official debian package for Lenny? I'm sure that I'm not the only one with such problem. I don't want to use deb packages from different sources because I cannot trust them.

Shellshock has such big impact on the internet so please give us Lenny package.

Nikolay Hristov



--
To UNSUBSCRIBE, email to debian-security-REQUEST@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org
Archive: [🔎] 542BE551.3020005@stemo.bg" target="_blank">https://lists.debian.org/[🔎] 542BE551.3020005@stemo.bg

Which part of "I don't want to use deb packages from different sources because I cannot trust them" you didnt understand? ;-)

Nikolay Hristov