Patch to Vulnerability Linkage

2014-10-03 Thread Nathan McGarvey
Is there any linkage between bash patches and known CVE (or any other database) IDs? (Source-code comment, bug-tracker, etc.) I understand that there is not a one<->one relationship, but for the bug-fixes that do pertain to one or more vulnerability entry, it may be beneficial to outrigh

Re: bash-2.05b patch 11 is missing from ftp.gnu.org

2014-10-03 Thread Chet Ramey
On 10/2/14, 6:27 PM, Sang Suh wrote:
> Unlike other versions, bash-2.05b patch 11 is missing from
> ftp.gnu.org. Will it appear soon?
It was uploaded with the rest of that batch: ftp.gnu.org://gnu/bash/bash-2.05b-patches/bash205b-011
-- ``The lyf so short, the craft so long to lerne.'' - Cha

Re: Patch to Vulnerability Linkage

2014-10-03 Thread Chet Ramey
On 10/3/14, 4:55 AM, Nathan McGarvey wrote:
> Is there any linkage between bash patches and known CVE (or any other
> database) IDs? (Source-code comment, bug-tracker, etc.)
> I understand that there is not a one<->one relationship, but for the
> bug-fixes that do pertain to one or more vul

Re: Patch to Vulnerability Linkage

2014-10-03 Thread Stephane Chazelas
2014-10-03 08:56:41 -0400, Chet Ramey:
> On 10/3/14, 4:55 AM, Nathan McGarvey wrote:
> > Is there any linkage between bash patches and known CVE (or any other
> > database) IDs? (Source-code comment, bug-tracker, etc.)
> > I understand that there is not a one<->one relationship, but for the

Re: Patch to Vulnerability Linkage

2014-10-03 Thread Nathan McGarvey
Thanks much for the list and all the rapid patch releases as of late. Good stuff.
-Nathan
On Fri, Oct 3, 2014 at 8:56 AM, Chet Ramey wrote:
> On 10/3/14, 4:55 AM, Nathan McGarvey wrote:
> > Is there any linkage between bash patches and known CVE (or any other
> > database) IDs? (Source-code

Bash 2.05 patch for "shellshock"

2014-10-03 Thread Tom Lesniak
Hi, I'm really going out on a limb, but is there any chance of getting a shellshock patch for Bash 2.05? I've got many legacy systems running RH7.2 (enigma) that I'm trying to locate a fix for. I've looked at the patches for Bash, but the fixes only go as far back as 2.05b. I've attempted t

Environment parsed for Functions when invoked as rbash (and sh)

2014-10-03 Thread Paul FM
Configuration Information [Automatically generated, do not change]:
Machine: x86_64
OS: linux-gnu
Compiler: gcc -I/home/abuild/rpmbuild/BUILD/bash-4.2 -L/home/abuild/rpmbuild/BU\
ILD/bash-4.2/../readline-6.2
Compilation CFLAGS: -DPROGRAM='bash' -DCONF_HOSTTYPE='x86_64' -DCONF_OSTYPE='l\
inux-g

Re: Environment parsed for Functions when invoked as rbash (and sh)

2014-10-03 Thread Eric Blake
On 10/03/2014 03:37 PM, Paul FM wrote:
>
> Bash Version: 4.2
> Patch Level: 47
You are several patches behind.
> Repeat-By:
> while running bash:
> export Y=\(\)\ \{\ ignored\;\ \}\;\ /usr/bin/id
This syntax no longer causes function parsing, as of 4.2 patch level 50.
-- Eric Blake ebl

Re: Environment parsed for Functions when invoked as rbash (and sh)

2014-10-03 Thread Chet Ramey
On 10/3/14, 5:37 PM, Paul FM wrote:
> Bash Version: 4.2
> Patch Level: 47
> Release Status: release
>
> Description:
> When run as rbash, it parses the environment for functions when the
> man page specifically says it does NOT do this.
Yeah, that's a documentation problem. It's neve