[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

[SECURITY] debian-lts-announce@lists.debian.org



-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Package        : bash
Version        : 4.1-3+deb6u1
CVE ID         : CVE-2014-6271

Stephane Chazelas discovered a vulnerability in bash, the GNU
Bourne-Again Shell, related to how environment variables are
processed.  In many common configurations, this vulnerability is
exploitable over the network, especially if bash has been configured
as the system shell.

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.10 (GNU/Linux)

iQEcBAEBAgAGBQJUIuoRAAoJEL97/wQC1SS+WOYH/0LnJcpr1Gqn7YIhooLLsTsk
goLiGFN2+UhSyLL5vmtgNXFfcRkK2lbZiF8JuMb4ztHQTA9rJbo8RbN1z6YgEhdV
hjICyHfleeL0R+EcQuwJpJ/QHBx1mV4fhgTZkHhzuj+GhckluZWye+Kt8lzu1lKP
b8w/ylhiq+b7fc1grUKAjdzANlrmJvQ/JLq38e/zD85qzgiLsR23Ox2uqTt/lJa6
bGtH7nSC6q57YNAak1OwT3LE4/Ho6zccsv6JPiq9suWI5CnU9OigYSotuFCskIs9
HwB96B+8c4tcfUxH5VLG18nilq/2QBLF0CR11N7vuluVio0haNz32DLHDOWafbk=
=PzVe
-----END PGP SIGNATURE-----


Reply to: