Re: Bash-4.3 Official Patch 25 Bug 896776 - (CVE-2014-6271)

2014-09-26 Thread Ralf Naegele
- SOFT/LAN > To: Ralf Naegele > Cc: "Eduardo A. Bustamante López" , bug-bash@gnu.org > Subject: Re: Bash-4.3 Official Patch 25 Bug 896776 - (CVE-2014-6271) > > On 26/09/2014 08:23, Ralf Naegele wrote: > > Hello Eduardo, > > > > I haven't installed th

Re: Bash-4.3 Official Patch 25 Bug 896776 - (CVE-2014-6271)

2014-09-25 Thread Ralf Naegele
Hello Greg, thanks for the hint, this seems to be the solution. I've copied the compiled bash binary to the first directory from $PATH output and now the test is ok: [naegele@pinie ~]$ env x='() { :;}; echo vulnerable' bash -c "echo this is a test" bash: warning: x: ignoring function definiti

Re: Bash-4.3 Official Patch 25 Bug 896776 - (CVE-2014-6271)

2014-09-25 Thread Ralf Naegele
Hello Eduardo, I haven't installed the patched bash yet. I called it in the source directory after compiling it, with ./bash, so I think this should start the patched bash. Regards, Ralf On Thu, 25 Sep 2014, Eduardo A. Bustamante López wrote: > Date: Thu, 25 Sep 2014 13:50:00 -0700 > From:

Bash-4.3 Official Patch 25 Bug 896776 - (CVE-2014-6271)

2014-09-25 Thread ralf . naegele
Hello, I've downloaded the source for bash 4.3 and all patches, patched the source to Patch 25. But according to some description I've found (http://heise.de/-2403305 sorry, only available in German), you can test with the command env x='() { :;}; echo vulnerable' bash -c "echo this is a test" i