Coviant Software has confirmed that Diplomat software products do not need to be patched or updated to address the ShellShock vulnerability.
No patches or other updates are required for Diplomat Managed File Transfer Basic, Standard and Enterprise Edition or the free Diplomat OpenPGP Community Edition.
Diplomat products running on Windows systems are not affected by the ShellShock vulnerability.
Diplomat products running on Red Hat Linux systems cannot be used to compromise environment variables or other system resources. However, if environment variables have already been compromised on a vulnerable Red Hat Linux system where the Diplomat MFT Service is installed, then unintended commands or programs could execute when the Diplomat MFT Service starts or stops.
Coviant Software recommends that our customers who deploy Diplomat products on Red Hat Linux apply the appropriate patches as they become available from Red Hat. More information is available from Red Hat at https://access.redhat.com/articles/1200223.
If you have any questions, please feel free to contact us at firstname.lastname@example.org.