svn commit: r369684 - in head/shells/bash: . files
Jung-uk Kim
jkim at FreeBSD.org
Wed Oct 1 16:42:37 UTC 2014
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
On 2014-09-30 23:35:13 -0400, Bryan Drewery wrote:
> Author: bdrewery Date: Wed Oct 1 03:35:12 2014 New Revision:
> 369684 URL: http://svnweb.freebsd.org/changeset/ports/369684 QAT:
> https://qat.redports.org/buildarchive/r369684/
>
> Log: Add RedHat's patch for CVE-2014-7186, commonly known as
> "redir_stack" overflow, which has not been shown to be as critical
> as "shellshock" currently.
>
> Security: CVE-2014-7186
Thanks!
BTW, this patch also fixes CVE-2014-7187.
http://www.openwall.com/lists/oss-security/2014/09/26/2
FYI, 4.3 Patchlevel 27 fixed two more CVEs, i.e., CVE-2014-6277 and
CVE-2014-6278.
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6277
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6278
Jung-uk Kim
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2
iQEcBAEBAgAGBQJULC78AAoJEHyflib82/FGLU4H/1Rb5XpN9qjYr0np6lP+EIto
+k+NWSW8m2y0C6qL73sS0ceJUZRN91KUwNMk9/UN6J/i4DQI8a84wZCYrTRu87V7
/KUVm95qL90ZQHPlmHD7H/CTWF/UqAkfoDHBueFyp6imRH0soW5KulJ4m78SiNH1
iijnd5EQCURCuNGoPRcn+pcXXBBxhiQ/Cl81AN1Pcde0jGVw+M+H5xnLqxgJr+8/
IW4J5qMfSXTITKZc9ri8CU94lQurPFQ8dn2eVsPZN2e3SC237vSEXKYCnaxG6Ffh
ZWFuV83J3G7c2dBTdzSRq6hVKro48WKvzBecqmp4Og7AxBYuV4ysdoUz95oAyeY=
=HibU
-----END PGP SIGNATURE-----
More information about the svn-ports-all
mailing list