This post comes a bit late, long after Red Hat and the Fedora Project pushed a new update to close the gap in the original patch that went out Wednesday. If you haven’t already done a “yum update”, you’ll probably want to do that now. Related stuff below.
This is for Fedora:
Red Hat Enterprise Linux:
Also see Red Hat Security’s Shellshock FAQ.
Red Hat SELinux expert Dan Walsh chimes in on how a properly configured (and enforcing!) SELinux installation could have provided some protection for unpatched systems.
A really good, detailed, explanation of how Shellshocker works by Fedora Project lead Matt Miller:
I’m still looking for a detailed, step-by-step howto on deploying and configuring mod_security to meet these kinds of threats, without breaking existing apps. Maybe one will be forthcoming soon (Mitigating the shellshock vulnerability is a good technical resource for those who are already successfully running mod_security, but it might be daunting for anyone deploying the module for the first time during this crisis).
Shell based off “Shell”
CC-BY 3.0 by Guillaume Kurkdjian