Date: Wed, 11 Feb 2015 09:30:29 +0000 From: John Haxby <john.haxby@...cle.com> To: oss-security@...ts.openwall.com Subject: Re: wordexp(3) On 10/02/15 17:57, Rich Felker wrote: > Obviously implementations using /bin/sh were > vulnerable to shellshock on systems where /bin/sh is bash. I must admit, that was my first thought. Closely followed by wondering whether this gives an interesting new vector in spite of the BASH_FUNC_...() wrapper. jch
Powered by blists - more mailing lists
Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.
Powered by Openwall GNU/*/Linux - Powered by OpenVZ