Showing posts with the label updates

Patching Your Redhat Server for the Shellshock Vulnerability

Introduction

Alright guys, this is a biggie. Shellshock allows remote code execution and file creation for any server relying on bash v3.4 through v1.1. If you are using Redhat or CentOS and the default shell, your server is vulnerable. The patching history was sketchy, as well. If you patched immediately when the bug came out using CVE-2014-6271, you are still likely vulnerable (as of right now, 9/26/2013 12:50PM EST). Run the following to apply the patch:

    # yum update bash

You need CVE-2014-7169 if you are using Red Hat Enterprise Linux 5, 6, and 7. Note that 2014-7169 DOES NOT address the following operating systems, which as of right now are still not fully patched: Shift_JIS, Red Hat Enterprise Linux 4 Extended Life Cycle Support, Red Hat Enterprise Linux 5.6 Long Life, Red Hat Enterprise Linux 5.9 Extended Update Support, Red Hat Enterprise Linux 6.2 Advanced Update Support, and Red Hat Enterprise Linux 6.4 Extended Update Support.

If you applied CVE-2014-6271 and nee

Ch-Ch-Ch-Changes

I recently came across this funny and insightful note on the issues admins face selling changes to their users. Originally aimed at online gaming communities, the same relationship management issues pop up when you update a webmail interface, introduce a VPN or really add any features to a long-standing and actively used tech product. A big hat tip goes to Wilhelm of TAGN for this.

"If your community was currently being dragged from place to place in a wooden box lined with broken glass, and you told them you were going to replace the box with a hovercar lined with fur, you would have [to] pry half of them out of the box with a crowbar. And some of them will be complaining years from now that riding in the box built character, and fur makes them sneeze."

-The Metaverse Mod Squad (Sanya Weathers) on Making Community Changes Without Pain