14 DAY TRIAL // IPFire 2.13 Core 83, a new version of the popular Linux-based firewall distribution, has been released by the developers to close the GNU Bash vulnerability.
The IPFire Linux distribution is built with one goal in mind – security. It has a modular structure and it's among the best firewall solutions based on the Linux kernel right now. It's been around for quite some time, so the developers have had plenty of time to improve upon it.
The distribution has several uses, and it can be used as a firewall, a proxy server or even a VPN gateway. The fact that it's built like a modular OS ensures that users will only get the features they want and nothing more. This also makes the entire operating system smaller and easier to use.
This is a small and important update for IPFire
If you are using IPFire, than this update is imperative. The developers of the OS have moved fast and patched the vulnerability in the Bash command interpreter that has been identified recently. It's a major problem for many Unix systems, including Mac OS X and Linux. It's no wonder that developers everywhere are scrambling to patch this issue for their products.
"It was possible to inject shell commands that were executed from the shell environment. IPFire uses CGI scripts for its web user interface. Therefore it was possible for authenticated users to execute shell commands with non-root privileges and of course users that had access to the shell on command line. Also other services that execute shell scripts like the DHCP client were vulnerable."
"We regard this as a serious security issue and recommend to update as soon as possible. Please do not forget to reboot your machine afterwards and check for updates for your other *nix distribution as well because they are probably vulnerable, too. It appears that there might be more problems in GNU bash for which there is no working fix available right now. So please stay tuned for more updates," write the IPFire devs.
The problem with the Bash vulnerability, called "Shellshock," is that the exploits in this package are still dangerous. Despite the patches that have been made available already, the work of the developers is not complete, so it's very likely that we'll see another IPFire update pretty soon.
The developers recommend all users of IPFire to upgrade their distributions. More details can be found on the official website. You can download IPFire 2.13 Core 83 right now from Softpedia.