On Tue, Sep 20, 2016 at 04:55:30PM -0400, Leo Famulari wrote:
     Any advice on how we should handle CVE-2016-0634?

Like the comment there says, it is only a problem if the machine has already 
been owned, so I don't
see what the issue is.  If there is an issue it is for the bash maintainers to 


Avoid eavesdropping.  Send strong encrypted email.
PGP Public key ID: 1024D/2DE827B3 
fingerprint = 8797 A26D 0854 2EAB 0285  A290 8A67 719C 2DE8 27B3
See http://sks-keyservers.net or any PGP keyserver for public key.

Attachment: signature.asc
Description: Digital signature

Reply via email to