Answer by Stéphane Chazelas for When was the shellshock (CVE-2014-6271/7169)...
TL;DR The shellshock vulnerability is fully fixed in On the bash-2.05b branch: 2.05b.10 and above (patch 10 included) On the bash-3.0 branch: 3.0.19 and above (patch 19 included) On the bash-3.1...
View ArticleAnswer by Deer Hunter for When was the shellshock (CVE-2014-6271/7169) bug...
According to the NVD database at NIST (http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-6271), ALL VERSIONS of bash from 1.14.0 onwards are vulnerable. RedHat got wind of the bug on September...
View ArticleWhen was the shellshock (CVE-2014-6271/7169) bug introduced, and what is the...
Some context about the bug: CVE-2014-6271 Bash supports exporting not just shell variables, but also shell functions to other bash instances, via the process environment to (indirect) child processes....
View Article
