DSA-3035 bash - security update
|
Información sobre el sistema
|
|
|
Software afectado |
Debian |
Descripción
|
Tavis Ormandy discovered that the patch applied to fix CVE-2014-6271released in DSA-3032-1 for bash, the GNU Bourne-Again Shell, wasincomplete and could still allow some characters to be injected intoanother environment (CVE-2014-7169). With this update prefix and suffixfor environment variable names which contain shell functions are addedas hardening measure.
More info:
https://www.debian.org/security/2014/dsa-3035 |
Identificadores estándar
|
Propiedad |
Valor |
CVE |
CVE-2014-7169 ,CVE-2014-6271 ,DSA-3035 and DSA-3032. |