oss-sec mailing list archives

Previous By Date Next
Previous By Thread Next

RE: more bash parser bugs (CVE-2014-6277, CVE-2014-6278)

From: "Menkhus, Mark (Global Cyber Security SSRT)" <mark.menkhus () hp com>
Date: Thu, 2 Oct 2014 18:45:10 +0000
Thanks, 

I was reading the list, but missed this one.  I shared it with a lot of my friends at HP!

Mark

-----Original Message-----
From: Sona Sarmadi [mailto:sona.sarmadi () enea com] 
Sent: Thursday, October 02, 2014 12:35 PM
To: Menkhus, Mark (Global Cyber Security SSRT); oss-security () lists openwall com
Cc: Solar Designer
Subject: RE: [oss-security] more bash parser bugs (CVE-2014-6277, CVE-2014-6278)



What URL do I point to see the security bugs listed by CVE for CVE for 
bash43-
25 through -28?

I didn't see it in the patches themselves - 
ftp://ftp.cwru.edu/pub/bash/bash-4.3-patches

Sorry, I am new to bash culture,
Mark Menkhus
Hewlett Packard


Mark
Look here (from Michal 's post) for a summary of each CVE and corresponding upstream patches (GNU patches): 
http://www.openwall.com/lists/oss-security/2014/10/02/28 

/Sona
Previous By Date Next
Previous By Thread Next

Current thread: