[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: CVE-2016-0634 code execution in Bash prompt when expanding hostname
From: |
John Darrington |
Subject: |
Re: CVE-2016-0634 code execution in Bash prompt when expanding hostname |
Date: |
Wed, 21 Sep 2016 07:20:48 +0200 |
User-agent: |
Mutt/1.5.23 (2014-03-12) |
On Tue, Sep 20, 2016 at 04:55:30PM -0400, Leo Famulari wrote:
Any advice on how we should handle CVE-2016-0634?
http://seclists.org/oss-sec/2016/q3/534
Like the comment there says, it is only a problem if the machine has already
been owned, so I don't
see what the issue is. If there is an issue it is for the bash maintainers to
patch.
J'
--
Avoid eavesdropping. Send strong encrypted email.
PGP Public key ID: 1024D/2DE827B3
fingerprint = 8797 A26D 0854 2EAB 0285 A290 8A67 719C 2DE8 27B3
See http://sks-keyservers.net or any PGP keyserver for public key.
signature.asc
Description: Digital signature