Date: Fri, 26 Sep 2014 09:58:07 +0100 From: alan@...ie.me.uk (Alan J. Wylie) To: oss-security@...ts.openwall.com Cc: Solar Designer <solar@...nwall.com>, chet.ramey@...e.edu Subject: Re: CVE-2014-6271: remote code execution through bash Chet Ramey <chet.ramey-oNH6vCZdlc4@...lic.gmane.org> writes: > Thanks for the kind words. In this spirit, I've attached a patch for > bash-2.05b, since I've been told that there are still systems running it > out there. In this case, would it also be appropriate to back-port the patch for the bug I reported 10 years ago? https://lists.gnu.org/archive/html/bug-bash/2004-09/msg00193.html -- Alan J. Wylie http://www.wylie.me.uk/
Powered by blists - more mailing lists
Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.
Powered by Openwall GNU/*/Linux - Powered by OpenVZ