Linux "shellshock" security issue

Collapse
X
Collapse
 
  • Page of 1
  • Filter
  • Time
  • Show
Clear All
new posts
Previous template Next
  • rhyne
    Aspiring Member
    • Dec 2012
    • 2
    #1

    Linux "shellshock" security issue

    Any news on patching CS1K & CM linux servers for the "Shellshock" vulnerability?

    Google
    https://www.google.com/?gws_rd=ssl#q=shellshock+vulnerability
    Search the world's information, including webpages, images, videos and more. Google has many special features to help you find exactly what you're looking for.
    Tags: None
  • morga9
    Aspiring Member
    • Sep 2014
    • 1
    #2
    Some info on this would be appreciated.

    Comment

    • rbrookes
      Guru
      .
      • Jan 2012
      • 144
      #3
      Shellshock/Bash impact update for Avaya products
      Avaya’s Product Security Team is aware of the Shellshock security issue and is working aggressively with product teams across our portfolio to assess any possible impact and identify a mitigation plan as appropriate. An Avaya Security Advisory (ASA) will be published later today, Friday 26 September at approximately 7pm ET. The Product Security team will continue to report findings as they become available.

      Please visit the following link on the Avaya Support Website for the latest information on this topic. All ASAs for Shellshock will be posted to this site.

      Avaya Support Website – Shellshock/Bash Impact for Avaya Products - https://support.avaya.com/helpcenter/getGenericDetails?detailId=C2014926131554370002
      Russ Brookes | Avaya, KCS Leader | +1 613.771.7590 | [email protected] | NA Eastern Time Zone

      Comment

      • sdilu
        Aspiring Member
        • Sep 2014
        • 1
        #4
        Originally posted by rbrookes View Post
        Shellshock/Bash impact update for Avaya products
        Avaya’s Product Security Team is aware of the Shellshock security issue and is working aggressively with product teams across our portfolio to assess any possible impact and identify a mitigation plan as appropriate. An Avaya Security Advisory (ASA) will be published later today, Friday 26 September at approximately 7pm ET. The Product Security team will continue to report findings as they become available.
        The latest Security Advisory says "This issue will be addressed in accordance with section five of Avaya's Product Security Vulnerability Response Policy". That policy states that a patch development timeline will be included in a Security Advisory. So when can we expect a patch development timeline? And when will your product security team finish its analysis? We are almost 72 hours after release of an epic bug. Some commitment from you would go a long way.

        Comment

        Previous template Next
        Loading