[Touch-packages] [Bug 1374207] Re: CVE-2014-7169 fix not effective on trusty
*** This bug is a duplicate of bug 1373781 ***
    https://bugs.launchpad.net/bugs/1373781

** This bug has been marked a duplicate of bug 1373781
   bash incomplete fix for CVE-2014-6271

-- 
You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to bash in Ubuntu.
https://bugs.launchpad.net/bugs/1374207

Title:
  CVE-2014-7169 fix not effective on trusty

Status in “bash” package in Ubuntu:
  Invalid
Status in “bash” source package in Lucid:
  Fix Released
Status in “bash” source package in Precise:
  Fix Released
Status in “bash” source package in Trusty:
  Fix Released
Status in “bash” source package in Utopic:
  Invalid

Bug description:
  I can reproduce the testcase from 1373781 with bash 4.3-7ubuntu1.2 on trusty. The patch did NOT fix it, unfortunately.

    rtucker@racer-x:~$ rm -f echo env -i X='() { (a)=\' bash -c 'echo id'; cat echo
    bash: X: line 1: syntax error near unexpected token `='
    bash: X: line 1: `'
    bash: error importing function definition for `X'
    uid=1000(rtucker) gid=1000(rtucker) groups=1000(rtucker),4(adm),6(disk),24(cdrom),27(sudo),30(dip),46(plugdev),112(lpadmin),119(sambashare)

    rtucker@racer-x:~$ bash --version
    GNU bash, version 4.3.11(1)-release (x86_64-pc-linux-gnu)
    Copyright (C) 2013 Free Software Foundation, Inc.
    License GPLv3+: GNU GPL version 3 or later http://gnu.org/licenses/gpl.html

    This is free software; you are free to change and redistribute it.
    There is NO WARRANTY, to the extent permitted by law.

    rtucker@racer-x:~$ apt-cache policy bash
    bash:
      Installed: 4.3-7ubuntu1.2
      Candidate: 4.3-7ubuntu1.2
      Version table:
     *** 4.3-7ubuntu1.2 0
            500 http://mirrors.linode.com/ubuntu/ trusty-updates/main amd64 Packages
            500 http://mirrors.linode.com/ubuntu/ trusty-security/main amd64 Packages
            100 /var/lib/dpkg/status
         4.3-6ubuntu1 0
            500 http://mirrors.linode.com/ubuntu/ trusty/main amd64 Packages

  precise does seem fixed, however:

    rtucker@barleywine:~$ rm -f echo env -i X='() { (a)=\' bash -c 'echo id'; cat echo
    bash: X: line 1: syntax error near unexpected token `='
    bash: X: line 1: `'
    bash: error importing function definition for `X'
    id
    cat: echo: No such file or directory

    rtucker@barleywine:~$ bash --version
    GNU bash, version 4.2.25(1)-release (x86_64-pc-linux-gnu)
    Copyright (C) 2011 Free Software Foundation, Inc.
    License GPLv3+: GNU GPL version 3 or later http://gnu.org/licenses/gpl.html

    This is free software; you are free to change and redistribute it.
    There is NO WARRANTY, to the extent permitted by law.

    rtucker@barleywine:~$ apt-cache policy bash
    bash:
      Installed: 4.2-2ubuntu2.3
      Candidate: 4.2-2ubuntu2.3
      Version table:
     *** 4.2-2ubuntu2.3 0
            500 http://mirrors.linode.com/ubuntu/ precise-updates/main amd64 Packages
            500 http://mirrors.linode.com/ubuntu/ precise-security/main amd64 Packages
            500 http://security.ubuntu.com/ubuntu/ precise-security/main amd64 Packages
            500 http://us.archive.ubuntu.com/ubuntu/ precise-updates/main amd64 Packages
            100 /var/lib/dpkg/status
         4.2-2ubuntu2 0
            500 http://mirrors.linode.com/ubuntu/ precise/main amd64 Packages
            500 http://us.archive.ubuntu.com/ubuntu/ precise/main amd64 Packages

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/bash/+bug/1374207/+subscriptions

-- 
Mailing list: https://launchpad.net/~touch-packages
Post to     : touch-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~touch-packages
More help   : https://help.launchpad.net/ListHelp
[Touch-packages] [Bug 1374207] Re: CVE-2014-7169 fix not effective on trusty
*** This bug is a duplicate of bug 1373781 ***
    https://bugs.launchpad.net/bugs/1373781

** CVE removed: http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=2014-7169
[Touch-packages] [Bug 1374207] Re: CVE-2014-7169 fix not effective on trusty
Fix does not work in every directory

Using Trusty and 4.3-7ubuntu1.3

    sudo -i
    cd /root
    X='() { function a a\' bash -c echo; [ -e echo ] echo hacked
    bash: X: line 1: syntax error near unexpected token `a'
    bash: X: line 1: `'
    bash: error importing function definition for `X'
    hacked

    cd /bin
    X='() { function a a\' bash -c echo; [ -e echo ] echo hacked
    bash: X: line 1: syntax error near unexpected token `a'
    bash: X: line 1: `'
    bash: error importing function definition for `X'
    hacked

    cd /usr/bin
    X='() { function a a\' bash -c echo; [ -e echo ] echo hacked
    bash: X: line 1: syntax error near unexpected token `a'
    bash: X: line 1: `'
    bash: error importing function definition for `X'
    (not hacked)
[Touch-packages] [Bug 1374207] Re: CVE-2014-7169 fix not effective on trusty
Thomas, I'm not sure about your test -- there is a /bin/echo in the filesystem (from the coreutils package) so checking for a file named 'echo' in that directory is not indicative of any attack.

I suspect you also have a /root/echo file, perhaps left over from earlier testing. If you do, please delete or rename /root/echo and test again. Be sure to test with a freshly-started bash shell, too.

Thanks
[Touch-packages] [Bug 1374207] Re: CVE-2014-7169 fix not effective on trusty
This has been commented publicly on bug #1373781, and is also becoming common knowledge on IRC. Switching bug visibility to Public.

** Information type changed from Private Security to Public Security

Status in “bash” package in Ubuntu:
  New
[Touch-packages] [Bug 1374207] Re: CVE-2014-7169 fix not effective on trusty
Status changed to 'Confirmed' because the bug affects multiple users.

** Changed in: bash (Ubuntu)
       Status: New => Confirmed

Status in “bash” package in Ubuntu:
  Confirmed
[Touch-packages] [Bug 1374207] Re: CVE-2014-7169 fix not effective on trusty
There was a build issue with the Ubuntu 14.04 package, and I am in the process of fixing it now. An update will be released within the hour.

The other releases should be ok.

** Changed in: bash (Ubuntu)
     Assignee: (unassigned) => Marc Deslauriers (mdeslaur)

** Also affects: bash (Ubuntu Lucid)
   Importance: Undecided
       Status: New

** Also affects: bash (Ubuntu Trusty)
   Importance: Undecided
       Status: New

** Also affects: bash (Ubuntu Utopic)
   Importance: Undecided
     Assignee: Marc Deslauriers (mdeslaur)
       Status: Confirmed

** Also affects: bash (Ubuntu Precise)
   Importance: Undecided
       Status: New

** Changed in: bash (Ubuntu Lucid)
       Status: New => Fix Released

** Changed in: bash (Ubuntu Precise)
       Status: New => Fix Released

** Changed in: bash (Ubuntu Trusty)
       Status: New => In Progress

** Changed in: bash (Ubuntu Utopic)
       Status: Confirmed => In Progress

** Changed in: bash (Ubuntu Trusty)
     Assignee: (unassigned) => Marc Deslauriers (mdeslaur)

Status in “bash” package in Ubuntu:
  In Progress
Status in “bash” source package in Lucid:
  Fix Released
Status in “bash” source package in Precise:
  Fix Released
Status in “bash” source package in Trusty:
  In Progress
Status in “bash” source package in Utopic:
  In Progress
[Touch-packages] [Bug 1374207] Re: CVE-2014-7169 fix not effective on trusty
This bug was fixed in the package bash - 4.3-7ubuntu1.3

---
bash (4.3-7ubuntu1.3) trusty-security; urgency=medium

  * Updated debian/patches/CVE-2014-7169.diff to also patch y.tab.c in case
    it doesn't get regenerated when built (LP: #1374207)

 -- Marc Deslauriers marc.deslauri...@ubuntu.com   Thu, 25 Sep 2014 21:20:03 -0400

** Changed in: bash (Ubuntu Trusty)
       Status: In Progress => Fix Released

Status in “bash” package in Ubuntu:
  In Progress
Status in “bash” source package in Lucid:
  Fix Released
Status in “bash” source package in Precise:
  Fix Released
Status in “bash” source package in Trusty:
  Fix Released
Status in “bash” source package in Utopic:
  In Progress
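The 4.3-7ubuntu1.3 changelog entry above says the security patch had to be extended to y.tab.c because that file may not be regenerated during the build. As an added example (not part of the original thread or of the Ubuntu packaging), the script below scans a unified diff for yacc grammar files that are patched without their generated parser. The function names, the sample diffs (parse.y, lib/calc.y and the others are constructed) and the accepted counterpart names (y.tab.c, <stem>.tab.c, <stem>.c) are assumptions for illustration.

```shell
#!/bin/sh
# Added example: flag yacc grammar files that a patch changes while leaving
# the pre-generated parser next to them untouched. If the build reuses the
# shipped parser instead of regenerating it, such a patch never reaches the
# compiled binary.

# Print the paths a unified diff modifies, one per line, with the first path
# component stripped (as "patch -p1" would do). A "+++" line only counts as
# a file header when it directly follows a "---" line.
patched_files() {
    awk 'prev ~ /^--- / && /^\+\+\+ / {
             path = $2
             sub("^[^/]*/", "", path)
             if ($2 != "/dev/null") print path
         }
         { prev = $0 }' "$1" | sort -u
}

# Print every patched *.y file for which no generated parser in the same
# directory is patched as well. Accepted counterparts (assumption):
# y.tab.c, <stem>.tab.c or <stem>.c.
unpaired_grammars() {
    files=$(patched_files "$1")
    for g in $files; do
        case "$g" in
            *.y) ;;
            *)   continue ;;
        esac
        stem=$(basename "$g" .y)
        case "$g" in
            */*) prefix="${g%/*}/" ;;
            *)   prefix="" ;;
        esac
        found=no
        for c in "${prefix}y.tab.c" "${prefix}${stem}.tab.c" "${prefix}${stem}.c"; do
            if printf '%s\n' "$files" | grep -qxF -- "$c"; then
                found=yes
            fi
        done
        if [ "$found" = no ]; then
            printf '%s\n' "$g"
        fi
    done
}

# --- Constructed sample diffs (hunk bodies are placeholders) ---------------
workdir=$(mktemp -d)
trap 'rm -rf "$workdir"' EXIT

# 1. Grammar patched, generated parser left alone.
cat > "$workdir/grammar-only.diff" <<'EOF'
--- a/parse.y
+++ b/parse.y
@@ -1,2 +1,3 @@
 constructed context line
+constructed added line
 constructed context line
EOF

# 2. Grammar and generated parser patched together.
cat > "$workdir/grammar-and-parser.diff" <<'EOF'
--- a/parse.y
+++ b/parse.y
@@ -1,2 +1,3 @@
 constructed context line
+constructed added line
 constructed context line
--- a/y.tab.c
+++ b/y.tab.c
@@ -1,2 +1,3 @@
 constructed context line
+constructed added line
 constructed context line
EOF

# 3. Several files: one grammar paired with its parser, one not.
cat > "$workdir/mixed.diff" <<'EOF'
--- a/lib/calc.y
+++ b/lib/calc.y
@@ -1 +1,2 @@
 constructed context line
+constructed added line
--- a/lib/calc.tab.c
+++ b/lib/calc.tab.c
@@ -1 +1,2 @@
 constructed context line
+constructed added line
--- a/tools/expr.y
+++ b/tools/expr.y
@@ -1 +1,2 @@
 constructed context line
+constructed added line
--- a/README
+++ b/README
@@ -1 +1,2 @@
 constructed context line
+constructed added line
EOF

for p in "$workdir"/*.diff; do
    missing=$(unpaired_grammars "$p")
    if [ -n "$missing" ]; then
        echo "$(basename "$p"): generated parser not patched for: $missing"
    else
        echo "$(basename "$p"): ok"
    fi
done
```

A check like this only inspects the patch. Confirming that the installed binary carries the fix still means testing the built package itself.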
[Touch-packages] [Bug 1374207] Re: CVE-2014-7169 fix not effective on trusty
** Branch linked: lp:ubuntu/trusty-security/bash
[Touch-packages] [Bug 1374207] Re: CVE-2014-7169 fix not effective on trusty
Should we mark this report as a duplicate of bug #1373781?
[Touch-packages] [Bug 1374207] Re: CVE-2014-7169 fix not effective on trusty
Bug #1373781 is the one listed on the CVE page, http://people.canonical.com/~ubuntu-security/cve/2014/CVE-2014-7169