oss-sec mailing list archives
Re: CVE-2014-6271: remote code execution through bash
From: Chet Ramey <chet.ramey () case edu>
Date: Fri, 26 Sep 2014 17:41:04 -0400
On 9/26/14, 5:09 PM, Solar Designer wrote:
I have positive confirmation that this patch works, so here are patches for bash versions bash-2.05b to bash-4.3. I will probably push these out tomorrow.Since these patches look final and are updating the bash patchlevel number, is it OK for distros to use them as-is, with the patchlevel number update already? They are not yet on ftp.gnu.org. BTW, I notice that your earlier bash 2.05b patch isn't there, either.
I pushed them out; patches for bash-2.05b to bash-4.3 are in all the usual places. The distros can either use the ones I sent yesterday or the ones from the FTP sites. Chet -- ``The lyf so short, the craft so long to lerne.'' - Chaucer ``Ars longa, vita brevis'' - Hippocrates Chet Ramey, ITS, CWRU chet () case edu http://cnswww.cns.cwru.edu/~chet/
Current thread:
- Re: CVE-2014-6271: remote code execution through bash, (continued)
- Re: CVE-2014-6271: remote code execution through bash Simon McVittie (Sep 25)
- Re: CVE-2014-6271: remote code execution through bash Chet Ramey (Sep 25)
- Re: CVE-2014-6271: remote code execution through bash Simon McVittie (Sep 26)
- Re: CVE-2014-6271: remote code execution through bash Solar Designer (Sep 25)
- Message not available
- Re: CVE-2014-6271: remote code execution through bash Chet Ramey (Sep 25)
- Re: CVE-2014-6271: remote code execution through bash Alexandre Dulaunoy (Sep 25)
- Re: CVE-2014-6271: remote code execution through bash Larry W. Cashdollar (Sep 25)
- Re: CVE-2014-6271: remote code execution through bash Chet Ramey (Sep 25)
- Re: CVE-2014-6271: remote code execution through bash Dwayne Litzenberger (Sep 26)
- Re: CVE-2014-6271: remote code execution through bash Solar Designer (Sep 26)
- Re: CVE-2014-6271: remote code execution through bash Chet Ramey (Sep 26)