With the prefix+suffix patches, this can no longer be exploited across privilege boundaries; we'll likely include these fixes at some point in the future but don't consider them a pressing issue any longer. For more details please see our CVE tracker: http://people.canonical.com/~ubuntu- security/cve/2014/CVE-2014-6277.html
Thanks ** Information type changed from Private Security to Public Security ** CVE added: http://www.cve.mitre.org/cgi- bin/cvename.cgi?name=2014-6277 -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1378071 Title: bash crashed with SIGSEGV in strlen() To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/bash/+bug/1378071/+subscriptions -- ubuntu-bugs mailing list [email protected] https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
