Bash Security Update

Two related security issues, known as CVE-2014-6271 and CVE-2014-7169, affecting the bash shell were announced over the last two weeks. The bash shell is a standard component of most Linux hosts, including the Solano CI test environment, and is broadly deployed and used within the Linux community more generally.
Solano Labs utilizes Linux running in Amazon EC2.  Given the severity of the recent bash vulnerabilities, within an hour of  the public announcements of these vulnerabilities, we audited our infrastructure for the security issues, determined that our APIs and backends were not affected, patched the issues, and thereby ensured that our services are not affected.  We recommend that all customers managing their own Linux hosts ensure that they have installed a patched version of the bash shell locally.

Post a Comment