[MacPorts] #45162: bash @4.3.25: Vulnerable to code execution in environment variables (CVE-2014-7169)
MacPorts
noreply at macports.org
Fri Sep 26 16:05:20 PDT 2014
#45162: bash @4.3.25: Vulnerable to code execution in environment variables
(CVE-2014-7169)
------------------------+----------------------
Reporter: kost.hc@… | Owner: raimue@…
Type: defect | Status: assigned
Priority: High | Milestone:
Component: ports | Version: 2.3.1
Resolution: | Keywords:
Port: bash |
------------------------+----------------------
Comment (by sierkb@…):
Fix for CVE-2014-7169 is official and published by GNU Project:
[http://ftp.gnu.org/gnu/bash/], patch 26 for Bash 4.3
[http://ftp.gnu.org/gnu/bash/bash-4.3-patches/bash43-026], see also
[http://seclists.org/oss-sec/2014/q3/734].
Please update MacPorts' bash accordingly from 4.3.25 to this new patch
level 4.3.26 as soon as possible.
--
Ticket URL: <https://trac.macports.org/ticket/45162#comment:7>
MacPorts <http://www.macports.org/>
Ports system for OS X
More information about the macports-tickets
mailing list