[Info-vax] And now bash has a vulnerability
Paul Sture
nospam at sture.ch
Thu Sep 25 05:34:15 EDT 2014
Update: Update: 2014-09-25 03:10 UTC
Red Hat has become aware that the patch for CVE-2014-6271 is incomplete.
An attacker can provide specially-crafted environment variables containing
arbitrary commands that will be executed on vulnerable systems under
certain conditions. The new issue has been assigned CVE-2014-7169. Red Hat
is working on patches in conjunction with the upstream developers as a
critical priority. For details on a workaround, please see the FAQ below.
<http://tinyurl.com/bash-fix-incomplete>
--
Early morning ponderings:
#I_need_legal_advice Does overly loud Volksmusik (German folk music) at
7am provide grounds for justifiable homicide? IalsoneedCoffee!
More information about the Info-vax
mailing list