Launch mintupdate, the shield icon on the right hand side of the panel. Go to Edit => Preferences. In the tab "Levels" make sure that at minimum the software packages of levels [1], [2] and [3] have been configured to be "visible" and "safe for installation". Once done, click on the large [Refresh] button.I tried looking for updates and it came back that my system is up to date, however, when I run: env x='() { :;}; echo vulnerable' bash -c "echo this is a test"
it still comes back that my system is vulnerable. I have the latest release of Mint (KDE).
Unless you have already installed the latest bash update(s) without noticing, the list of available updates should include
+ either bash 4.3-7ubuntu1.3 (Mint 17)
+ or bash 4.2-2ubuntu2.3 (Mint 13)
Click on the [install Updates] button.
You can check which bash package has been installed on your system e.g. by opening a terminal window and running the commandline
Code: Select all
dpkg --list bash
HTH,
Karl
--
Note:
While writing this, yet another bash security update was offered for installation on my Mint 13 here:
Code: Select all
bash (4.2-2ubuntu2.5) precise-security; urgency=medium
* SECURITY UPDATE: out-of-bounds memory access
- debian/patches/CVE-2014-718x.diff: guard against overflow and fix
off-by-one in bash/parse.y.
- CVE-2014-7186
- CVE-2014-7187
* SECURITY IMPROVEMENT: use prefixes and suffixes for function exports
- debian/patches/variables-affix.diff: add prefixes and suffixes in
bash/variables.c.
-- Marc Deslauriers <marc.deslauriers@ubuntu.com> Fri, 26 Sep 2014 13:27:53 -0400