OpenLogic has taken all necessary measures to ensure our customers are protected from the critical vulnerabilities represented by CVE-2014-6271 and CVE-2014-7169, also known as Shellshock. All OpenLogic infrastructures have been updated and patched to protect from exploitation by Shellshock:
OpenLogic governance, support, and audit services
OpenLogic governance, support, and audit systems are secure and have been patched for the Shellshock flaw.
Microsoft Azure Platform
OpenLogic Microsoft Azure CentOS images are currently being updated, and new images will be published shortly. We highly recommend that users update to prevent the security risks involved with this bug. To do this, update the installed version of the Bash package to the latest version by running the following command in a default environment:
$sudo yum update bash
OpenLogic Amazon AWS Marketplace images
OpenLogic Amazon AWS Marketplace offerings are currently being updated to include patched versions of Bash and new images will be published shortly. We highly recommend that users with currently running systems continue to pull community updates to prevent the security risks involved with this bug. To do this, update the installed version of the Bash package to the latest version by running the following command:
In a default CentOS environment: $sudo yum update bash
For Ubuntu users: $sudo apt-get update && sudo apt-get install bash
As the situation continues to develop, we will endeavor to keep our customers apprised of actions they must take to remain protected from exploitation through these vulnerabilities. As always, you can receive notifications about our latest updates through OpenUpdate notifications.