Re: Shellshock: Has CVE-2014-7186 and CVE-2014-7187 been addressed for debian
On Sat, 27 Sep 2014 20:29:12 +0200
Martin Holub <lumpi@fileserver.v6.amspitz.at> wrote:
> Hi,
>
> Please according to the Security Tracker [1,2] booth are fixed in
> stable and oldstable.
>
And unstable, I don't have a testing installation, but I'd have thought
that should also be done by now.
>
> [1] https://security-tracker.debian.org/tracker/CVE-2014-7186
> [2] https://security-tracker.debian.org/tracker/CVE-2014-7187
>
> On 27/09/14 20:18, john wrote:
> > Hello,
> >
> > I was wondering if CVE-2014-7186 and CVE-2014-7187 been addressed
> > yet for Debian. I note that Ubuntu pushed another patch addressing
> > these earlier today.
> >
The first patch for this problem didn't fix it completely, so there
were two. Updating now should certainly solve the problem.
Here's a couple of tests, and the results expected after neither, the
first, and the second patches:
https://access.redhat.com/articles/1200223
--
Joe
Reply to: