oss-sec mailing list archives
Re: Shellshock timeline (was: CVE-2014-6271: remote code execution through bash)
From: Eric Blake <eblake () redhat com>
Date: Fri, 03 Oct 2014 16:10:40 -0600
On 10/03/2014 01:28 PM, David A. Wheeler wrote:
FYI, I've created a timeline of major Shellshock events here: http://www.dwheeler.com/essays/shellshock.html#timeline If anyone has corrections or key additions, let me know.
In the timeline, it might be worth linking to all of the bash patches: Patch 25 (CVE-2014-6271) 24 Sep 2014 10:27:10 -0400 https://lists.gnu.org/archive/html/bug-bash/2014-09/msg00081.html Patch 26 (CVE-2014-7169) 26 Sep 2014 17:17:09 -0400 https://lists.gnu.org/archive/html/bug-bash/2014-09/msg00224.html Patch 27 (no CVE, but the most important) [already in the timeline] 27 Sep 2014 22:50:07 -0400 https://lists.gnu.org/archive/html/bug-bash/2014-09/msg00278.html Patch 28 (CVE-2014-7186, CVE-2014-7187) 1 Oct 2014 10:47:47 -0400 https://lists.gnu.org/archive/html/bug-bash/2014-10/msg00000.html Patch 29 (CVE-2014-6277) 2 Oct 2014 22:42:53 -0400 https://lists.gnu.org/archive/html/bug-bash/2014-10/msg00020.html Patch 30 (CVE-2014-6278) TBD -- Eric Blake eblake redhat com +1-919-301-3266 Libvirt virtualization library http://libvirt.org
Attachment:
signature.asc
Description: OpenPGP digital signature
Current thread:
- Re: Shellshock timeline (was: CVE-2014-6271: remote code execution through bash), (continued)
- Re: Shellshock timeline (was: CVE-2014-6271: remote code execution through bash) Stephane Chazelas (Oct 04)
- Re: Shellshock timeline (was: CVE-2014-6271: remote code execution through bash) Hanno Böck (Oct 04)
- Re: Shellshock timeline (was: CVE-2014-6271: remote code execution through bash) Steve Jones (Oct 04)
- Re: Shellshock timeline (was: CVE-2014-6271: remote code execution through bash) Lance Davis (Oct 04)
- Re: Shellshock timeline (was: CVE-2014-6271: remote code execution through bash) David A. Wheeler (Oct 05)
- Re: Shellshock timeline (was: CVE-2014-6271: remote code execution through bash) Eric Blake (Oct 06)
- Re: Shellshock timeline Stephane Chazelas (Oct 03)
- Stéphane Chazelas: How *DID* you find Shellshock? David A. Wheeler (Oct 08)
- Re: Stéphane Chazelas: How *DID* you find Shellshock? stephane.chazelas (Oct 08)
- Re: Shellshock timeline Eric Blake (Oct 03)