BASH - CVE-2014-6271
Yann Rouillard
yann at pleiades.fr.eu.org
Thu Sep 25 09:15:33 CEST 2014
Hi,
Yes, it is vulnerable.
But bash-4.3.25,REV=2014.09.25 mitigates this security issue, you will find
this package in my experimental repository
http://buildfarm.opencsw.org/opencsw/experimental/yann and it will soon
land in unstable and testing repositories.
However the story is not finished as the current fix doesn't yet solve all
the problems, another CVE has been issued to track the remaining ones:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-7169
Expect another update when the new security fix is out.
Yann
2014-09-24 23:06 GMT+02:00 upen <upendra.gandhi at gmail.com>:
> Hello,
>
> Is the current bash in OpenCSW( 4.3.24,REV=2014.09.07) vulnerable to
> CVE in the subject?
>
> Thanks,
> Upen
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.opencsw.org/pipermail/users/attachments/20140925/62a19268/attachment.html>
More information about the users
mailing list