If you have added BASH to your IBM i in PASE, please check the
NIST CVE database for information about a newly discovered
vulnerability and then check with your source for BASH to obtain
a fix if necessary.
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-6271
The last update I received from my security focused collegue was
- Power Linux is preparing a rollout including PowerKVM: they
are on alert and new codes should be released in matter of a
few hours.
- AIX team is preparing a rollout of the optional bash product
in the AIX toolbox web site: they are also on alert and new
codes should be released in matter of a few hours too. Here:
http://www-
03.ibm.com/systems/power/software/aix/linux/toolbox/download.htm
l
- IBM i is does not ship bash product and did not involve bash
in any OpenSSH package. However, customers may port bash to run
in the PASE environment.
This mailing list archive is Copyright 1997-2025 by midrange.com and David Gibbs as a compilation work. Use of the archive is restricted to research of a business or technical nature. Any other uses are prohibited. Full details are available on our policy page. If you have questions about this, please contact
[javascript protected email address].
Operating expenses for this site are earned using the Amazon Associate program and Google Adsense.
midrange.com
