Author Topic: Linux delegates - update bash to evade shellshock vulnerability!  (Read 2907 times)

0 Members and 1 Guest are viewing this topic.

Offline cryptillionaire

  • Full Member
  • ***
  • Posts: 153
    • View Profile
Excellent response guys, if anyone hasn't looked into patching this, please do.
It might not have a massive impact on bitshare dacs, but it's better safe than sorry.

Offline coolspeed

  • Hero Member
  • *****
  • Posts: 536
    • View Profile
    • My Blog
Please vote for  delegate.coolspeed    dac.coolspeed
BTS account: coolspeed
Sina Weibo:@coolspeed

Offline coolspeed

  • Hero Member
  • *****
  • Posts: 536
    • View Profile
    • My Blog
Please vote for  delegate.coolspeed    dac.coolspeed
BTS account: coolspeed
Sina Weibo:@coolspeed

Offline CoinHoarder

  • Hero Member
  • *****
  • Posts: 660
  • In Cryptocoins I Trust
    • View Profile
https://www.decentralized.tech/ -> Market Data, Portfolios, Information, Links, Reviews, Forums, Blogs, Etc.
https://www.cryptohun.ch/ -> Tradable Blockchain Asset PvP Card Game

Offline cryptillionaire

  • Full Member
  • ***
  • Posts: 153
    • View Profile
http://arstechnica.com/security/2014/09/concern-over-bash-vulnerability-grows-as-exploit-reported-in-the-wild/
Aparantley this has a huge impact on linux/unix/osx servers with bash installed; if you've got it installed, please update it and keep ontop of this news!

Updated to patched bash.

I do not see it as much of a threat. The exploit only works if a delegate is using shared hosting or running services such as Web server which has bash escape.  I doubt any delegate would do that.
Shared hosting like 2 cores out of 16 on a cloud provider? Cause I see that as quite a likely scenario.
Either way, best to be safe and patch it ;D

Offline cube

  • Hero Member
  • *****
  • Posts: 1404
  • Bit by bit, we will get there!
    • View Profile
  • BitShares: bitcube
http://arstechnica.com/security/2014/09/concern-over-bash-vulnerability-grows-as-exploit-reported-in-the-wild/
Aparantley this has a huge impact on linux/unix/osx servers with bash installed; if you've got it installed, please update it and keep ontop of this news!

Updated to patched bash.

I do not see it as much of a threat. The exploit only works if a delegate is using shared hosting or running services such as Web server which has bash escape.  I doubt any delegate would do that.
ID: bitcube
bitcube is a dedicated witness and committe member. Please vote for bitcube.

Offline maqifrnswa

  • Hero Member
  • *****
  • Posts: 661
    • View Profile
I think this does it:
http://ftp.gnu.org/gnu/bash/bash-4.3-patches/bash43-025

I think most distros already pushed fixes, maybe they just haven't propagated yet
maintains an Ubuntu PPA: https://launchpad.net/~showard314/+archive/ubuntu/bitshares [15% delegate] wallet_account_set_approval maqifrnswa true [50% delegate] wallet_account_set_approval delegate1.maqifrnswa true

Offline toast

  • Hero Member
  • *****
  • Posts: 4001
    • View Profile
  • BitShares: nikolai
I think there's not a patch that completely fixes it out yet
Do not use this post as information for making any important decisions. The only agreements I ever make are informal and non-binding. Take the same precautions as when dealing with a compromised account, scammer, sockpuppet, etc.

Offline liondani

  • Hero Member
  • *****
  • Posts: 3737
  • Inch by inch, play by play
    • View Profile
    • My detailed info
  • BitShares: liondani
  • GitHub: liondani
updated before 1-2 days bash....
Now I realize how important it is to update in  daily base!

Offline cryptillionaire

  • Full Member
  • ***
  • Posts: 153
    • View Profile
http://arstechnica.com/security/2014/09/concern-over-bash-vulnerability-grows-as-exploit-reported-in-the-wild/
Aparantley this has a huge impact on linux/unix/osx servers with bash installed; if you've got it installed, please update it and keep ontop of this news!