oss-sec mailing list archives

Re: CVE-2014-6271: remote code execution through bash

From: cve-assign () mitre org
Date: Wed, 24 Sep 2014 21:36:47 -0400 (EDT)

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

MITRE is currently using CVE-2014-7169 to track the report of the
incomplete patch, i.e., incorrect function parsing that's present in
builds that are up-to-date with the
http://ftp.gnu.org/gnu/bash/bash-4.3-patches/bash43-025 changes. We
realize that other people may be releasing further information about
the technical details and implications later. CVE-2014-7169 expresses
the affected upstream versions as "GNU Bash through 4.3 bash43-025" --
in general, this would include distribution packages released earlier
today (2014-09-24).

- -- 
CVE assignment team, MITRE CVE Numbering Authority
M/S M300
202 Burlington Road, Bedford, MA 01730 USA
[ PGP key available through http://cve.mitre.org/cve/request_id.html ]
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.14 (SunOS)

iQEcBAEBAgAGBQJUI3DaAAoJEKllVAevmvms+/kH/32ZGjC+BSqKoz6ZBUCMLnQ2
+Li91/GvD0Rs8bqKPDsz30spiJR57ZluKMrlxJrlIffiHqAFiYkQ3+JXmnK/HAnA
OtgToNtZ+1BV2jPrjXhuy2h+E5paTXMhM0T12xaUo89vtE7oer4Pld4JDqreXSSk
1Nfu5AaGcvbBmwaNRn1qw+nARw0CFPmMRa169jQAesAAcyNx8V7IPgFpPj4K4S8c
0zKXVdhIZxXvPcdZ5QzXKhcluOyOl1dJsjXR1qXT03QJsvhRighqb/3dZy+4mLyl
JWhDfs7l8XXGCzbF8eSg2CNBpTGy1d/32F7YqaKj53xWFWyktHtbk4nJ5hlPlKU=
=E9tp
-----END PGP SIGNATURE-----

Current thread:

Re: CVE-2014-6271: remote code execution through bash, (continued)
- - - Re: CVE-2014-6271: remote code execution through bash Simon McVittie (Sep 26)
    - Re: CVE-2014-6271: remote code execution through bash Solar Designer (Sep 25)
    - Message not available
    - Re: CVE-2014-6271: remote code execution through bash Chet Ramey (Sep 25)
    - Re: CVE-2014-6271: remote code execution through bash Alexandre Dulaunoy (Sep 25)
    - Re: CVE-2014-6271: remote code execution through bash Larry W. Cashdollar (Sep 25)
    - Re: CVE-2014-6271: remote code execution through bash Chet Ramey (Sep 25)
    - Re: CVE-2014-6271: remote code execution through bash Dwayne Litzenberger (Sep 26)
    - Re: CVE-2014-6271: remote code execution through bash Solar Designer (Sep 26)
    - Re: CVE-2014-6271: remote code execution through bash Chet Ramey (Sep 26)
  - Re: CVE-2014-6271: remote code execution through bash Michal Zalewski (Sep 24)
  - Re: CVE-2014-6271: remote code execution through bash cve-assign (Sep 24)
- Re: CVE-2014-6271: remote code execution through bash Riot (Sep 26)
- Fwd: CVE-2014-6271: remote code execution through bash Gennady Kupava (Sep 26)