Date: Wed, 1 Oct 2014 21:51:25 +0000 From: "Henry, Bobby" <Bobby.Henry@...edient.com> To: "oss-security@...ts.openwall.com" <oss-security@...ts.openwall.com>, "Chet Ramey" <chet.ramey@...e.edu> Subject: RE: more bash parser bugs (CVE-2014-6277, CVE-2014-6278) I agree, there's gotta be something we can send him for all the hard work. - Bobby -----Original Message----- From: Ed Prevost [mailto:me@...ardprevost.info] Sent: Wednesday, October 01, 2014 5:46 PM To: oss-security@...ts.openwall.com; Chet Ramey Subject: Re: [oss-security] more bash parser bugs (CVE-2014-6277, CVE-2014-6278) On 10/1/2014 2:11 PM, Shawn wrote: > On Thu, Oct 2, 2014 at 5:08 AM, Chet Ramey <chet.ramey@...e.edu> wrote: >> On 10/1/14, 5:04 PM, Shawn wrote: >>> http://ftp.gnu.org/gnu/bash/bash-4.3-patches/bash43-028 >> Nope, this one fixes 7168/7169. It's the equivalent of the >> `parser-oob' patch. >> >> I have patches that fix 6277/6278 that are in the pipeline. >> > oh, s0rry for the mistake...that'd be great if we can get the patch as > quickly as possible. Thanks. > >> -- >> ``The lyf so short, the craft so long to lerne.'' - Chaucer >> ``Ars longa, vita brevis'' - Hippocrates >> Chet Ramey, ITS, CWRU chet@...e.edu http://cnswww.cns.cwru.edu/~chet/ > > Really!? Honestly!? "as quickly as possible" Man, we really should rally together and at least send Chet a recovery beer basket or something. --Ed Application & Network Security, Research Scientist http://EdwardPrevost.info https://twitter.com/@...ardPrevost
Powered by blists - more mailing lists
Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.
Powered by Openwall GNU/*/Linux - Powered by OpenVZ