Openwall GNU/*/Linux - a small security-enhanced Linux distro for servers
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Date: Fri, 26 Sep 2014 09:58:07 +0100
From: alan@...ie.me.uk (Alan J. Wylie)
To: oss-security@...ts.openwall.com
Cc: Solar Designer <solar@...nwall.com>, chet.ramey@...e.edu
Subject: Re: CVE-2014-6271: remote code execution through bash

Chet Ramey <chet.ramey-oNH6vCZdlc4@...lic.gmane.org> writes:

> Thanks for the kind words.  In this spirit, I've attached a patch for
> bash-2.05b, since I've been told that there are still systems running it
> out there.

In this case, would it also be appropriate to back-port the patch for
the bug I reported 10 years ago?

https://lists.gnu.org/archive/html/bug-bash/2004-09/msg00193.html 

-- 
Alan J. Wylie                                          http://www.wylie.me.uk/

Powered by blists - more mailing lists

Your e-mail address:

Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.

Powered by Openwall GNU/*/Linux - Powered by OpenVZ