oss-sec mailing list archives

Previous By Date Next
Previous By Thread Next

RE: more bash parser bugs (CVE-2014-6277, CVE-2014-6278)

From: "Henry, Bobby" <Bobby.Henry () expedient com>
Date: Wed, 1 Oct 2014 21:51:25 +0000
I agree, there's gotta be something we can send him for all the hard work.
- Bobby

-----Original Message-----
From: Ed Prevost [mailto:me () edwardprevost info] 
Sent: Wednesday, October 01, 2014 5:46 PM
To: oss-security () lists openwall com; Chet Ramey
Subject: Re: [oss-security] more bash parser bugs (CVE-2014-6277, CVE-2014-6278)

On 10/1/2014 2:11 PM, Shawn wrote:

On Thu, Oct 2, 2014 at 5:08 AM, Chet Ramey <chet.ramey () case edu> wrote:

On 10/1/14, 5:04 PM, Shawn wrote:

http://ftp.gnu.org/gnu/bash/bash-4.3-patches/bash43-028

Nope, this one fixes 7168/7169.  It's the equivalent of the 
`parser-oob' patch.

I have patches that fix 6277/6278 that are in the pipeline.


oh, s0rry for the mistake...that'd be great if we can get the patch as 
quickly as possible. Thanks.


--
``The lyf so short, the craft so long to lerne.'' - Chaucer
                 ``Ars longa, vita brevis'' - Hippocrates
Chet Ramey, ITS, CWRU    chet () case edu    http://cnswww.cns.cwru.edu/~chet/




Really!? Honestly!? "as quickly as possible"

Man, we really should rally together and at least send Chet a recovery beer basket or something.

--Ed
Application & Network Security, Research Scientist http://EdwardPrevost.info https://twitter.com/@EdwardPrevost
Previous By Date Next
Previous By Thread Next

Current thread: