bash security hole
Cody Smith
cody.smith9202 at gmail.com
Sun Sep 28 23:32:14 UTC 2014
Yeeesh... almost makes me wonder how bad zsh is (which is what I prefer)
--c_smith
On Sun, Sep 28, 2014 at 2:59 PM, Steve Riley <steve at rileyz.net> wrote:
> On 2014-09-27 22:55:01 accessys at smart.net wrote:
> >
> > I have gotten two patches for Bash in the last two days from kubuntu site
>
> Those are coming from Ubuntu, as that's what Kubuntu is based on. And it's
> because people keep finding vulnerabilities in Bash or in its packages.
>
> 1. There was CVE-2014-6271, the original finding. Ubuntu issued one patch:
> USN-2362-1 on 9/24.
>
> 2. There was CVE-2014-7169, issued because the first patches for the
> original finding didn't fully address the scope of the vulnerabiliy. Ubuntu
> issued two patches: USN-2363-1 on 9/25, then USN-2363-2 later the same day
> (to fix a packaging error in USN-2363-1).
>
> 3. There were CVE-2014-7186 and CVE-2014-7187. These are not related to
> Shellshock. But because many people are now closely scrutinizing Bash, it
> isn't surprising that more vulnerabilities are being found. Ubuntu issued
> one patch (so far): USN-2364-1 on 9/27.
>
> Follow Ubuntu security notices here: http://www.ubuntu.com/usn/
>
> ...Steve
>
> --
> kubuntu-users mailing list
> kubuntu-users at lists.ubuntu.com
> Modify settings or unsubscribe at:
> https://lists.ubuntu.com/mailman/listinfo/kubuntu-users
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.ubuntu.com/archives/kubuntu-users/attachments/20140928/44c7f45c/attachment.html>
More information about the kubuntu-users
mailing list