First Heartbleed, now Shellshock.

The new big bugs in important libraries/software have their own ‘brand’ name now. A bit crazy and a bit overkill in my opinion, but at least now such bad security holes are getting enough attention to be fixed FAST, hopefully.

I’ve updated my server immediately after good patches were available, so for the Shellshock vulnerability the update was applied just 5 minutes before this posting. 😉

So apart from not using cgi scripts and stripped down ssh shells, my server is as secure as possible again.

[edit] Well, some patches will are still on the way…