[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: about bash and Debian Lenny

On Wed, Oct 01, 2014 at 02:28:17PM +0300, Nikolay Hristov wrote:
> Hello there,
> I know that this is outdated debian release and it is in the archives but I
> still have 6 servers running Lenny and I don't want to upgrade them to newer
> versions for several reasons.
> Any chance that we will get official debian package for Lenny? I'm sure that
> I'm not the only one with such problem. I don't want to use deb packages
> from different sources because I cannot trust them.
> Shellshock has such big impact on the internet so please give us Lenny
> package.

You're doing this the wrong way - as others have already said, upgrade your
server to a supported release.

That said... have a look at this thread on oss-security for some suggestions
of easy-to-understand binary patches that will remove the vulnerable feature:


Attachment: signature.asc
Description: Digital signature

Reply to: