Maybe this helps others to verify: https://raw.githubusercontent.com/hannob/bashcheck/master/bashcheck
lars@dachs:~$ ./bashcheck Not vulnerable to CVE-2014-6271 (original shellshock) Not vulnerable to CVE-2014-7169 (taviso bug) Not vulnerable to CVE-2014-7186 (redir_stack bug) Test for CVE-2014-7187 not reliable without address sanitizer Variable function parser inactive, likely safe from unknown parser bugs ** CVE added: http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=2014-6271 ** CVE added: http://www.cve.mitre.org/cgi- bin/cvename.cgi?name=2014-7186 ** CVE added: http://www.cve.mitre.org/cgi- bin/cvename.cgi?name=2014-7187 -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1373781 Title: bash incomplete fix for CVE-2014-6271 To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/bash/+bug/1373781/+subscriptions -- ubuntu-bugs mailing list [email protected] https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
