Greetings, all...

I see that Novell has a handy security note out regarding CVE-2014-6271:

as it pertains to SUSE and SLE, as well as one for CVE-2014-7169:

Testing in a bash shell on one of my NetWare boxes, I've been pleasantly
surprised, though remain unconvinced that the older bash port is entirely
free of vulnerability, here.

Yes, I do have a couple SSL sites running on NetWare Apache (2.2.27), though
I don't believe that anyone is using mod_cgi or mod_cgid.

(BTW, if anyone needs patched versions of bash 3.0.27 for CentOS 4.8, I have
32 and 64-bit binary rpms on my FTP server: .)

Just curious as to what the consensus is regarding NetWare with this thing.


Lewis G Rosenthal, CNA, CLP, CLE, CWTS
Rosenthal & Rosenthal, LLC
Need a managed Wi-Fi hotspot?
visit my IT blog