Openwall GNU/*/Linux - a small security-enhanced Linux distro for servers
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Date: Sun, 28 Sep 2014 07:22:14 +0200
From: Hanno Böck <hanno@...eck.de>
To: Chet Ramey <chet.ramey@...e.edu>
Cc: Tavis Ormandy <taviso@...xchg8b.com>,
  Florian Weimer <fw@...eb.enyo.de>,
  Michal Zalewski <lcamtuf@...edump.cx>,
  Solar Designer <solar@...nwall.com>, oss-security@...ts.openwall.com,
  Eric Blake <eblake@...hat.com>
Subject: Re: CVE-2014-6271: remote code execution through
 bash

On Sat, 27 Sep 2014 21:39:19 -0400
Chet Ramey <chet.ramey@...e.edu> wrote:

> OK, here are the more-or-less final versions of the patches for
> bash-2.05b through bash-4.3.  I made two changes from earlier today:
> the function export suffix is now `%%', which is not part of a the
> set of valid variable name characters but avoids any potential
> problems with including shell metacharacters in the name; and this
> version refuses to import shell functions whose name contains a
> slash, for reasons I discussed earlier.

From what I can see your official patches still don't contain the
out-of-bound memory fixes.

While not exposing the parser to random variables should shield that
somewhat and reduce impact, they still should be fixed and the redhat
patch looks pretty straightforward.

-- 
Hanno Böck
http://hboeck.de/

mail/jabber: hanno@...eck.de
GPG: BBB51E42

Download attachment "signature.asc" of type "application/pgp-signature" (820 bytes)

Powered by blists - more mailing lists

Your e-mail address:

Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.

Powered by Openwall GNU/*/Linux - Powered by OpenVZ