Umbrella Insights Virtual Appliance - version 1.3.11

Summary

On Tuesday, September 30 2014,  OpenDNS will release the Umbrella Insights Virtual Appliance, version 1.3.11

Change Summary (1.3.9 to 1.3.11)

This version contains a patch for the BASH/Shellshock vulnerability.  Please note that all earlier versions of the VA were not exploitable, this is simply a precautionary measure.  For more information on the Shellshock vulnerability, check here: https://support.opendns.com/entries/56701530

Changes in this version:

• Patch for the CVE-2014-6271 bash vulnerability ("shellshock").
• Prevent admins from adding OpenDNS root servers as localdns servers, as this resulted in losing identity granularity.

All Umbrella customers with 2 or more deployed VAs will download this patch within 2 hours of release, and will apply the upgrade according to their Organization's upgrade window (which can be set in the dashboard).  Customers with non-redundant VAs will not automatically apply the upgrade, as that would cause downtime.