This bug was fixed in the package bash - 4.3-9ubuntu3
---------------
bash (4.3-9ubuntu3) utopic; urgency=medium
* SECURITY UPDATE: incomplete fix for CVE-2014-6271 (LP: #1373781)
- debian/patches/CVE-2014-7169.diff: fix logic in parse.y and y.tab.c.
- CVE-2014-7169
-- Marc Deslauriers <marc.deslauri...@ubuntu.com> Thu, 25 Sep 2014 21:43:10
-0400
** Changed in: bash (Ubuntu Utopic)
Status: In Progress => Fix Released
** CVE added: http://www.cve.mitre.org/cgi-
bin/cvename.cgi?name=2014-6271
--
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to bash in Ubuntu.
https://bugs.launchpad.net/bugs/1373781
Title:
bash incomplete fix for CVE-2014-6271
Status in “bash” package in Ubuntu:
Fix Released
Status in “bash” source package in Lucid:
Fix Released
Status in “bash” source package in Precise:
Fix Released
Status in “bash” source package in Trusty:
Fix Released
Status in “bash” source package in Utopic:
Fix Released
Bug description:
The fixes for CVE-2014-6271 do NOT work! Security vuln, but should be
public, this is known already.
Ubuntu 14.04 LTS: bash 4.3-7ubuntu1.1
Ubuntu 12.04 LTS: bash 4.2-2ubuntu2.2
Ubuntu 10.04 LTS: bash 4.1-2ubuntu3.1
Testcase:
rm -f echo && env -i X='() { (a)=>\' bash -c 'echo id'; cat echo
expected output:
bash: X: line 1: syntax error near unexpected token `='
bash: X: line 1: `'
bash: error importing function definition for `X'
id
actual output:
bash: X: line 1: syntax error near unexpected token `='
bash: X: line 1: `'
bash: error importing function definition for `X'
uid=0(root) gid=0(root) groups=0(root)
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/bash/+bug/1373781/+subscriptions
--
Mailing list: https://launchpad.net/~touch-packages
Post to : touch-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~touch-packages
More help : https://help.launchpad.net/ListHelp
