Date: Thu, 2 Oct 2014 18:45:10 +0000 From: "Menkhus, Mark (Global Cyber Security SSRT)" <mark.menkhus@...com> To: Sona Sarmadi <sona.sarmadi@...a.com>, "oss-security@...ts.openwall.com" <oss-security@...ts.openwall.com> CC: Solar Designer <solar@...nwall.com> Subject: RE: more bash parser bugs (CVE-2014-6277, CVE-2014-6278) Thanks, I was reading the list, but missed this one. I shared it with a lot of my friends at HP! Mark -----Original Message----- From: Sona Sarmadi [mailto:sona.sarmadi@...a.com] Sent: Thursday, October 02, 2014 12:35 PM To: Menkhus, Mark (Global Cyber Security SSRT); oss-security@...ts.openwall.com Cc: Solar Designer Subject: RE: [oss-security] more bash parser bugs (CVE-2014-6277, CVE-2014-6278) > What URL do I point to see the security bugs listed by CVE for CVE for > bash43- > 25 through -28? > > I didn't see it in the patches themselves - > ftp://ftp.cwru.edu/pub/bash/bash-4.3-patches > > Sorry, I am new to bash culture, > Mark Menkhus > Hewlett Packard Mark Look here (from Michal 's post) for a summary of each CVE and corresponding upstream patches (GNU patches): http://www.openwall.com/lists/oss-security/2014/10/02/28 /Sona
Powered by blists - more mailing lists
Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.
Powered by Openwall GNU/*/Linux - Powered by OpenVZ