[MacPorts] #45162: bash @4.3.25: Vulnerable to code execution in environment variables (CVE-2014-7169)

MacPorts noreply at macports.org
Sun Sep 28 13:16:13 PDT 2014


#45162: bash @4.3.25: Vulnerable to code execution in environment variables
(CVE-2014-7169)
------------------------+----------------------
  Reporter:  kost.hc@…  |      Owner:  raimue@…
      Type:  defect     |     Status:  assigned
  Priority:  High       |  Milestone:
 Component:  ports      |    Version:  2.3.1
Resolution:             |   Keywords:
      Port:  bash       |
------------------------+----------------------

Comment (by cal@…):

 Patchlevel 27 contains the namespaced function exports, but as far as I
 can see the parser OOB accesses are still unfixed. AFAIK meanwhile CVE
 numbers have been assigned for those, too.

-- 
Ticket URL: <https://trac.macports.org/ticket/45162#comment:18>
MacPorts <http://www.macports.org/>
Ports system for OS X


More information about the macports-tickets mailing list