Re: [SECURITY] [DSA 3032-1] bash security update

[Jan Wagner <waja@cyconet.org>]

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

Hi there,

Am 24.09.2014 um 16:06 schrieb Florian Weimer:
> Stephane Chazelas discovered a vulnerability in bash, the GNU 
> Bourne-Again Shell, related to how environment variables are 
> processed.  In many common configurations, this vulnerability is 
> exploitable over the network, especially if bash has been
> configured as the system shell.

is there still work on CVE-2014-7169, as the fix for CVE-2014-6271
seems incomplete?

Cheers and thanks for your good work!
- -- 
Never write mail to <waja@spamfalle.info>, you have been warned!
- -----BEGIN GEEK CODE BLOCK-----
Version: 3.12
GIT d-- s+: a C+++ UL++++ P+ L+++ E--- W+++ N+++ o++ K++ w--- O M V- PS
PE Y++
PGP++ t-- 5 X R tv- b+ DI D+ G++ e++ h---- r+++ y++++
- ------END GEEK CODE BLOCK------
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1

iQIVAwUBVCPjuAxwVXtaBlE+AQg48xAAgNeXxr/651ZfRQKaD3hMqFfTqaYFFeke
DvUw7/e4L9eG1YC0iBRniJwTLfXVJu8rmHYCa74+lm18nD+aQ2xNjKyc/RcpdSdk
keN9C91d2/DzrYuAwkeu7fsT4uKcjuig1YpO99IP0fdFGAB5SAKauvIrY6n5s9IV
SJ5Yuq8SqlqhSsIQ4rnal/J6aJWDv97XFKzWYkmvHym1mFSvJXq8zVSAalQTaffV
CPr57/scrAuDvJLbCN0I//yzsdMyEYusmYbCb18nue9wLuxj9S0PxZEaxih8reK5
XLRpQR1inhvvStUX7GcfqZObqW7j8JMyW7arhq4V1drTlOkTODmv5lqIvOD3CO9s
ZrXPVwKjzSv2wBSS8BnqkwKOYOALkn9IBkdtwZ+0rZKLvALdcgD1YqL0mS9fXvzh
8syWmysc7TVRQgEu2mlxmu3Ex2OSoMrx7okG1yCBz3zdMxc75diR9WwP6jaGEItZ
JDqBSooJDoKB9bbcLvumhNZkkTr5QslpcTW4Mw1dGC2isvRJpMrkAgiQZZzDrcdY
FKBf1GSSW0kVe/xBVZPwBjfhuuBG1mNue5qNEq2llMKEUbKU4I7mxEPjOw6zDAtI
dh7j4BlWjZeQvKE4guBbCwL3wGuO8xY6wAzaTcjB/E/I3U/LPQ0qZ6rKKJy/w+oc
lCdydyT73wo=
=XR0L
-----END PGP SIGNATURE-----