Customer ALERT: Please take the time to read through the following notifications and alert your teams/customers regarding this bug.
The Symantec Storage Foundation Products position on the BASH ShellShock bug and the related Technotes are now published externally:
http://www.symantec.com/business/support/index?page=content&id=TECH225112
The pertinent content explaining the position of IA products is as follows:
It is of critical importance for customers to apply the available BASH patches immediately.
Check with the Operating System Vendor to determine if your version of BASH is affected and apply the vendor’s patch as necessary.
Further details are available in the Symantec overview of ShellShock:
http://www.symantec.com/connect/blogs/shellshock-all-you-need-know-about-bash-bug-vulnerability
The Symantec products in the table below may interface with a vulnerable version of BASH on the host operating system. None of these IA products have been proven to be vulnerable. As a precaution, for the Symantec products in the table below, we recommend that services are stopped and restarted after a patch for BASH has been applied.
| Product | BASH Status |
| Storage Foundation for Unix/Linux (SF) | BASH is not distributed with this product |
| Storage Foundation and High Availability solutions (SFHA) | BASH is not distributed with this product |
| Storage Foundation Cluster File System (SFCFS) | BASH is not distributed with this product |
| Storage Foundation for Oracle RAC (SFRAC) | BASH is not distributed with this product |
| Storage Foundation for Windows | BASH is not distributed with this product |
| Volume Manager (VxVM) | BASH is not distributed with this product |
| Volume Replicator (VVR) | BASH is not distributed with this product |
| File Replicator (VFR) | BASH is not distributed with this product |
| Dynamic Multi-Pathing (DMP) | BASH is not distributed with this product |
| Veritas File System (VxFS) | BASH is not distributed with this product |
| Cluster Server (VCS) for Unix/Linux | BASH is not distributed with this product |
| Cluster Server for Windows (VCSW) | BASH is not distributed with this product |
| ApplicationHA | BASH is not distributed with this product |
| FileStore (S/W Appliance) | A vulnerable version of BASH is distributed with FileStore, see technote TECH225136 |
| FileStore N8300 (H/W appliance) | A vulnerable version of BASH is distributed with FileStore, see technote TECH225136 |
| Data Insight | BASH is not distributed with this product |
| Veritas Operations Manager (VOM) | BASH is not distributed with this product |
| CommandCentral Storage (CCS) | BASH is not distributed with this product |
| Veritas Enterprise Administrator (VEA) | BASH is not distributed with this product |
| Symantec Disaster Recovery Orchestrator (DRO) | BASH is not distributed with this product |
FileStore Product:
If you are using the Symantec FileStore product, a patch for BASH is available from Symantec, reference tech note TECH225136 <http://www.symantec.com/docs/TECH225136> for more information on how to obtain this patch.
VirtuallyLG 