← Back to team overview

touch-packages team mailing list archive

[Bug 1373781] Re: bash incomplete fix for CVE-2014-6271

 

** CVE removed: http://www.cve.mitre.org/cgi-
bin/cvename.cgi?name=2014-6271

-- 
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to bash in Ubuntu.
https://bugs.launchpad.net/bugs/1373781

Title:
  bash incomplete fix for CVE-2014-6271

Status in “bash” package in Ubuntu:
  Fix Released
Status in “bash” source package in Lucid:
  Fix Released
Status in “bash” source package in Precise:
  Fix Released
Status in “bash” source package in Trusty:
  Fix Released
Status in “bash” source package in Utopic:
  Fix Released

Bug description:
  The fixes for CVE-2014-6271 do NOT work! Security vuln, but should be
  public, this is known already.

  Ubuntu 14.04 LTS: bash 4.3-7ubuntu1.1
  Ubuntu 12.04 LTS: bash 4.2-2ubuntu2.2
  Ubuntu 10.04 LTS: bash 4.1-2ubuntu3.1

  Testcase:
  rm -f echo && env -i  X='() { (a)=>\' bash -c 'echo id'; cat echo

  expected output:
  bash: X: line 1: syntax error near unexpected token `='
  bash: X: line 1: `'
  bash: error importing function definition for `X'
  id

  actual output:
  bash: X: line 1: syntax error near unexpected token `='
  bash: X: line 1: `'
  bash: error importing function definition for `X'
  uid=0(root) gid=0(root) groups=0(root)

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/bash/+bug/1373781/+subscriptions