: Eduardo A. Bustamante López dual...@gmail.com
To: ralf.naeg...@she.net
Cc: bug-bash@gnu.org
Subject: Re: Bash-4.3 Official Patch 25 Bug 896776 - (CVE-2014-6271)
On Thu, Sep 25, 2014 at 05:33:38PM +0200, ralf.naeg...@she.net wrote:
Hello,
I've downloaded the source for bash 4.3 and all
On 26/09/2014 08:23, Ralf Naegele wrote:
Hello Eduardo,
I haven't installed the patched bash yet. I called it in the source
directory after compiling, it with ./bash so I think this should start the
patched bash.
You started ./bash as the parent reading the offending line, but did you also
25 Bug 896776 - (CVE-2014-6271)
On Thu, Sep 25, 2014 at 05:33:38PM +0200, ralf.naeg...@she.net wrote:
env x='() { :;}; echo vulnerable' bash -c echo this is a test
Did you *install* the patched version so that it is the first bash in
your PATH before running this? If not, you should
alexandre.ferri...@orange.com
To: Ralf Naegele ralf.naeg...@she.net
Cc: Eduardo A. Bustamante López dual...@gmail.com, bug-bash@gnu.org
Subject: Re: Bash-4.3 Official Patch 25 Bug 896776 - (CVE-2014-6271)
On 26/09/2014 08:23, Ralf Naegele wrote:
Hello Eduardo,
I haven't installed the patched
Hello,
I've downloaded the source for bash 4.3 and all patches, patched the source to
Patch 25.
But according some description I've found (http://heise.de/-2403305 sorry, only
in German
available), you can test with the command
env x='() { :;}; echo vulnerable' bash -c echo this is a test
if
On 09/25/2014 09:33 AM, ralf.naeg...@she.net wrote:
Hello,
I've downloaded the source for bash 4.3 and all patches, patched the source
to Patch 25.
But according some description I've found (http://heise.de/-2403305 sorry,
only in German
available), you can test with the command
env