Mentioned on the SSL Version control download page is that FF34, FF33 reset to TLS1.0 on restart. https://addons.mozilla.org/en-US/firefox/addon/ssl-version-control/reviews/ . I can set the Version Control preference in the dropdown to anything, restart Seamonkey, and the page at https://www.howsmy...

perdido wrote:
This site tells you which SSL/TLS you are using.

https://www.howsmyssl.com/

.

It tells me

Bad Your client is using TLS 1.0

while SSL Version Control 0.2 is set to TLS 1.2

I tried setting SSL Version Control 0.2 to TLS 1.2 in the dropdown. I haven't had any problems with websites, yet, don't know if it is doing anything, and there is no longer a dropdown menu to select the version in this extension's preferences.

@Bird Dog, You probably want to update your browser, and use an extension which disables SSLv3 to avoid the POODLE vulnerability . In firefox I use: https://addons.mozilla.org/it/firefox/addon/ssl-version-control/?src=api Thanks. I had to find an EN page: As of version 0.2, this add-on should work ...

Thanks, mathroval

Batch Patcher command line has been updated to v1.1. I got this script and devx_431.sfs on my Puppy 4.3.1 With cpu MHz : 300.632 and MemTotal: 250352 kB it took a little while but it worked, run from ssh cli. 8) The binary it produced is a little smaller than the one from mavrothal's 3.0.21 pet, wh...

There is 'Pkg' - my package manager in Akita and Puppy Arcade.. It has a very extensive CLI interface, the only thing that would need changing is how it reads and writes to repo files.. Or maybe you could steal some functions from it... It's in the Akita thread.. Yes. I tried 0.9.5 but it got stuck...

I've got a small, mostly unattended web server running on Puppy 4.31 on a thin client. I can temporarily connect a monitor and install the patched bash by clicking on them and running pet-get in the gui. It would be more convenient if I could install the pet from CLI in an ssh session, possibly inco...

mavrothal wrote:bash-3.0.21.

Passes all tests

Your 3.0.20 still passes: There are others?

Thanks!

# bash -version GNU bash, version 3.00.20(1)-release (i486-pc-linux-gnu) Copyright (C) 2004 Free Software Foundation, Inc. # curl --insecure https://shellshocker.net/shellshock_test.sh | bash % Total % Received % Xferd Average Speed Time Time Time Current Dload Upload Total Spent Left Speed 100 200...

# curl --insecure https://shellshocker.net/shellshock_test.sh | bash .. CVE-2014-6271 (original shellshock): not vulnerable bash: shellshocker: command not found CVE-2014-6278 (Florian's patch): not vulnerable CVE-2014-7169 (taviso bug): not vulnerable CVE-2014-//// (exploit 3 on http://shellshocke...

Just compiled bash-3.0.19.pet and is working properly :wink: (till the next vulnerability is discovered :roll: ) # bash -version GNU bash, version 3.00.19(1)-release (i486-pc-linux-gnu) Copyright (C) 2004 Free Software Foundation, Inc. # foo='() { echo not patched; }' bash -c foo bash: foo: command...

Leon wrote:

Code: Select all

foo='() { echo not patched; }' bash -c foo
bash: foo: command not found

It seems patched.

Good. I get that on my ROSA 2012 computer but not on my Puppy 431.

New update patch 027, compiled in Carolina. # cd /tmp; rm -f /tmp/echo; env 'x=() { (a)=>\' bash -c "echo date"; cat /tmp/echo date cat: /tmp/echo: No such file or directory # bash-4.3.27-1.pet bash_DOC-4.3.27-1.pet bash_NLS-4.3.27-1.pet Frisbee appears to be working with this version Ins...

Here is bash 3.0.18 for wary/racy 5.5 that also passes the cd /tmp; rm -f /tmp/echo; env 'x=() { (a)=>\' bash -c "echo date"; cat /tmp/echo test. That worked on my Puppy 4.31 a couple of days ago. As has been conjectured from the beginning, it seems there are further vulnerabilities disco...

Shellshock vulnerability affects majority of Internet servers and devices; get technical information here Scan your servers........ http://www.trendmicro.com/us/security/shellshock-bash-bug-exploit/index.html Well, I followed instructions and got all Pass . I guess this is thanks to the patched bas...

Here is bash 3.0.18 for wary/racy 5.5 that also passes the cd /tmp; rm -f /tmp/echo; env 'x=() { (a)=>\' bash -c "echo date"; cat /tmp/echo test. I happen to be running a small webserver in Puppy 4.31 small on an Igel thin client. http://www.murga-linux.com/puppy/viewtopic.php?p=508271#50...

Thanks. # pwd /root # ls / archive extlinux.conf initrd mnt pup_save_crypta.3fs tmp bin extlinux.sys initrd.gz opt root usr boot.msg fsckme.flg lib proc sbin var dev help2.msg logo.16 puppy_precise_5.4.3.sfs selinux vietnam etc help.msg lost+found pup_save_crypta.2fs sys vmlinuz # ls /root/Choices/ ...

I did install the devx and that seems to be enough for gwenview and k3b to appear to be working. WRT other ideas, I had tried searching on mimes and installing such programs that I did run an update-mime command, before. I'm not inclined to fool more with it but do have some cli results to report, F...

I will do that, thanks.