Openwall GNU/*/Linux - a small security-enhanced Linux distro for servers
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Date: Fri, 7 Oct 2016 10:45:16 -0400
From: Chet Ramey <>
To: Leo Famulari <>,
Subject: Re: Re: CVE-2016-0634 -- bash prompt expanding

On 9/27/16 4:55 PM, Leo Famulari wrote:
> On Fri, Sep 16, 2016 at 03:56:01PM -0400, Chet Ramey wrote:
>>>> I believe the fix in parse.y is this (Chet, please correct me if I'm wrong):
>>> Yes, that is the current fix for this.  There are other ways to do it.
>> Here's a patch to bash-4.3 that will fix this.
> Hi Chet,
> Thanks for the patch! Do you plan to add it to the bash-4.3-patches
> series [0]?

This went out as bash-4.3 patch 47.

``The lyf so short, the craft so long to lerne.'' - Chaucer
		 ``Ars longa, vita brevis'' - Hippocrates
Chet Ramey, UTech, CWRU

Download attachment "signature.asc" of type "application/pgp-signature" (192 bytes)

Powered by blists - more mailing lists

Your e-mail address:

Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.

Powered by Openwall GNU/*/Linux - Powered by OpenVZ