CVE-2014-6271 aka. bash “shellshock” is now patched in our Docker base image.
cd /var/discourse git pull ./launcher rebuild app
/var/docker if your installation is still in that directory.)
It is highly unlikely this vulnerability would effect Discourse as
ENV injection is not really something we do, NGINX does or Unicorn does. However, better safe than sorry.
In other news, I also shrunk down our base image using docker squash so it should take less time to update it and less space.