Hi, Yes, it is vulnerable. But bash-4.3.25,REV=2014.09.25 mitigates this security issue, you will find this package in my experimental repository http://buildfarm.opencsw.org/opencsw/experimental/yann and it will soon land in unstable and testing repositories.
However the story is not finished as the current fix doesn't yet solve all the problems, another CVE has been issued to track the remaining ones: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-7169 Expect another update when the new security fix is out. Yann 2014-09-24 23:06 GMT+02:00 upen <[email protected]>: > Hello, > > Is the current bash in OpenCSW( 4.3.24,REV=2014.09.07) vulnerable to > CVE in the subject? > > Thanks, > Upen >
