Vibe vulnerability with GNU Bash Remote Code Execution (aka ShellShock) and Mozilla NSS vulnerabilities

  • 7015717
  • 30-Sep-2014
  • 02-Oct-2014

Environment

Novell Vibe 3.x

Situation

Any installation of Novell Vibe running on OES or SLES is affected by the GNU Bash Remote Code Execution vulnerability (also known as ShellShock or Bash Bug) and the Mozilla Network Security Services (NSS) vulnerability as detailed in the following Common Vulnerabilities and Exposures (CVE) identifiers:

Further information regarding these security issues can be found here:

Mozilla NSS:


Resolution

Updates are available directly via the SLES / OES update channels; please apply updates and patches available through the respective support channel.

Additional Information

Vibe installation running on Windows are not affected.
Consult TID 7015701 for OES.

Feedback service temporarily unavailable. For content questions or problems, please contact Support.