Hello Eduardo,
I haven't installed the patched bash yet. I called it in the source
directory after compiling, it with ./bash so I think this should start the
patched bash.
Regards,
Ralf
On Thu, 25 Sep 2014, Eduardo A. Bustamante López wrote:
Date: Thu, 25 Sep 2014 13:50:00 -0700
From:
Hello Greg,
thanks for the hint, this seems to be the solution. I've copied the
compiled bash binary to the first directory from $PATH output and now the
test is ok:
[naegele@pinie ~]$ env x='() { :;}; echo vulnerable' bash -c echo this is a
test
bash: warning: x: ignoring function
alexandre.ferri...@orange.com
To: Ralf Naegele ralf.naeg...@she.net
Cc: Eduardo A. Bustamante López dual...@gmail.com, bug-bash@gnu.org
Subject: Re: Bash-4.3 Official Patch 25 Bug 896776 - (CVE-2014-6271)
On 26/09/2014 08:23, Ralf Naegele wrote:
Hello Eduardo,
I haven't installed the patched
Hello,
I've downloaded the source for bash 4.3 and all patches, patched the source to
Patch 25.
But according some description I've found (http://heise.de/-2403305 sorry, only
in German
available), you can test with the command
env x='() { :;}; echo vulnerable' bash -c echo this is a test
if
