tags 762760 +patch
stop
Chet Ramey has posted a patch for this (also attached):
http://www.openwall.com/lists/oss-security/2014/09/25/10
/Teddy Hogeborn
*** ../bash-20140912/parse.y 2014-08-26 15:09:42.0 -0400
--- parse.y 2014-09-24 22:47:28.0 -0400
***
*** 2959,2962
Package: bash
Version: 4.2+dfsg-0.1+deb7u1
Severity: critical
Tags: security
As Tavis Ormandy has tweeted[0], the existing patch is not sufficient to
solve the problem:
vauxhall ok % dpkg -l bash | grep ^ii; rm -f echo; env X='() { (a)=>\' bash
-c "echo date"; cat echo
ii bash 4.2
2 matches
Mail list logo
