touch-packages team mailing list archive
-
touch-packages team
-
Mailing list archive
-
Message #21099
[Bug 1373781] Re: bash incomplete fix for CVE-2014-6271
Fumihito YOSHIDA (hito),
We are awaiting comments from the upstream bash developer about the OOB
memory fixes, and the variable isolation hardening. We will address
those in a later bash update.
--
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to bash in Ubuntu.
https://bugs.launchpad.net/bugs/1373781
Title:
bash incomplete fix for CVE-2014-6271
Status in “bash” package in Ubuntu:
In Progress
Status in “bash” source package in Lucid:
Fix Released
Status in “bash” source package in Precise:
Fix Released
Status in “bash” source package in Trusty:
Fix Released
Status in “bash” source package in Utopic:
In Progress
Bug description:
The fixes for CVE-2014-6271 do NOT work! Security vuln, but should be
public, this is known already.
Ubuntu 14.04 LTS: bash 4.3-7ubuntu1.1
Ubuntu 12.04 LTS: bash 4.2-2ubuntu2.2
Ubuntu 10.04 LTS: bash 4.1-2ubuntu3.1
Testcase:
rm -f echo && env -i X='() { (a)=>\' bash -c 'echo id'; cat echo
expected output:
bash: X: line 1: syntax error near unexpected token `='
bash: X: line 1: `'
bash: error importing function definition for `X'
id
actual output:
bash: X: line 1: syntax error near unexpected token `='
bash: X: line 1: `'
bash: error importing function definition for `X'
uid=0(root) gid=0(root) groups=0(root)
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/bash/+bug/1373781/+subscriptions