[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: Serious Bash security vulnerabilities
|
From: |
Ludovic Courtès |
|
Subject: |
Re: Serious Bash security vulnerabilities |
|
Date: |
Sat, 27 Sep 2014 00:05:05 +0200 |
|
User-agent: |
Gnus/5.130011 (Ma Gnus v0.11) Emacs/24.3 (gnu/linux) |
address@hidden (Ludovic Courtès) skribis:
> <mark_weaver> the other three patches I'm aware of are:
> http://seclists.org/oss-sec/2014/q3/att-690/eol-pushback.patch
> (from Chet),
> http://seclists.org/oss-sec/2014/q3/att-712/parse-oob-4_2.patch
> (seems non-controversial), and
>
> http://seclists.org/oss-sec/2014/q3/att-712/variables-affix-4_2.patch
> (more radical hardening, not fully compatible, but maybe still a
> good idea) [09:40]
The ‘bash-cve-next’ branch applies the first two patches and is now
being built:
http://hydra.gnu.org/jobset/gnu/bash-cve-next
Ludo’.
signature.asc
Description: PGP signature