On 2014-09-25 02:54:06 -0400, Koichiro Iwao wrote: > Please let me make corrections. The "shellshock" bash > vulnerabilities are described by 2 CVEs. - CVE-2014-6271 - > CVE-2014-7169 > > The first CVE is already fixed in latest freebsd ports tree > (r369185), so far the second CVE is not fixed yet.
CVE-2014-7169 is fixed now (r369261). http://svnweb.freebsd.org/changeset/ports/369261 Note the commit log says CVE-2014-3659 but it was actually reassigned as CVE-2014-7169. Jung-uk Kim > On Thu, Sep 25, 2014 at 11:58:30AM +0530, Riyaz T.K wrote: >> Hi, >> >> https://www.freebsd.org/cgi/ports.cgi?query=The+GNU+Project%27s+Bourne+Again+SHell&stype=text&sektion=all >> >> >> >> Is this version patched from the bash vulnerability? >> >> https://access.redhat.com/articles/1200223 _______________________________________________ [email protected] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-ports To unsubscribe, send any mail to "[email protected]"
