Fixing the preliminary bash vulnerability on Forge
Published on by Eric L. Barnes
UPDATE: Ubuntu released a patch to fix this vulnerability after I wrote this post, and since Forge auto-applies security fixes nightly, all Forge-managed servers are now safe. You can read on for fun, but you’re now safe.
Matt Stauffer has a post for details on performing a preliminary fix for the bash vulnerability on Forge. Unfortunately, new ways have been exposed to exploit the vulnerability, so a second fix (hopefully released later today) will be required to completely secure your servers.
You should follow Matt’s guide to upgrade all of your Forge-managed servers, and later when the second fix is released his post will be updated.
Eric is the creator of Laravel News and has been covering Laravel since 2012.