oss-sec mailing list archives
Re: CVE-2014-6271: remote code execution through bash
From: Alexandre Dulaunoy <a () foo be>
Date: Thu, 25 Sep 2014 20:48:25 +0200
On Thu, Sep 25, 2014 at 8:35 PM, Chet Ramey <chet.ramey () case edu> wrote:
On 09/25/2014 08:31 AM, Chet Ramey wrote:Wondering if you saw http://www.openwall.com/lists/oss-security/2014/09/24/40 ?The (one-line) patch I sent last night appears to fix this. Please verify.
Indeed, we tested the yacc fix along with bash43-025 on different systems. Applying bash43-025 and eol-pushback.patch fixed it. We made some notes there for the people upgrading from the source: http://www.circl.lu/pub/tr-27/#recommendations Feedback welcome. -- -- Alexandre Dulaunoy (adulau) -- http://www.foo.be/ -- -- "Knowledge can create problems, it is not through ignorance -- that we can solve them" Isaac Asimov
Current thread:
- Re: CVE-2014-6271: remote code execution through bash, (continued)
- Re: CVE-2014-6271: remote code execution through bash Chet Ramey (Sep 24)
- Re: CVE-2014-6271: remote code execution through bash John Haxby (Sep 25)
- Re: CVE-2014-6271: remote code execution through bash Michal Zalewski (Sep 25)
- Re: CVE-2014-6271: remote code execution through bash Simon McVittie (Sep 25)
- Re: CVE-2014-6271: remote code execution through bash John Haxby (Sep 25)
- Re: CVE-2014-6271: remote code execution through bash Simon McVittie (Sep 25)
- Re: CVE-2014-6271: remote code execution through bash Chet Ramey (Sep 25)
- Re: CVE-2014-6271: remote code execution through bash Simon McVittie (Sep 26)
- Re: CVE-2014-6271: remote code execution through bash Solar Designer (Sep 25)
- Message not available
- Re: CVE-2014-6271: remote code execution through bash Chet Ramey (Sep 25)
- Re: CVE-2014-6271: remote code execution through bash Alexandre Dulaunoy (Sep 25)
- Re: CVE-2014-6271: remote code execution through bash Larry W. Cashdollar (Sep 25)
- Re: CVE-2014-6271: remote code execution through bash Chet Ramey (Sep 25)
- Re: CVE-2014-6271: remote code execution through bash Dwayne Litzenberger (Sep 26)
- Re: CVE-2014-6271: remote code execution through bash Solar Designer (Sep 26)
- Re: CVE-2014-6271: remote code execution through bash Chet Ramey (Sep 26)