Re: demonstration of CVE-2014-7186 ShellShock vulnerability

2014-09-27 Thread Jean-Christian de Rivaz
On 27. 09. 14 07:53, Eric Blake wrote: [...] So, to FULLY test whether you are still vulnerable to ShellShock, we must come up with a test that proves that NO possible function body assigned to a valid shell variable name can EVER cause bash to invoke the parser without your consent. For tha

demonstration of CVE-2014-7186 ShellShock vulnerability

2014-09-26 Thread Eric Blake
[posting a rehash of what has been said in several other threads, to pull all the information into one easier-to-find location] I know that ShellShock has been getting all the focus lately, but MOST sites that I have seen that offer advice on how to test whether a build is vulnerable are testing O