Date: Wed, 01 Oct 2014 12:42:36 -0400 From: Jung-uk Kim <jkim@FreeBSD.org> To: Bryan Drewery <bdrewery@FreeBSD.org>, ports-committers@freebsd.org, svn-ports-all@freebsd.org, svn-ports-head@freebsd.org Subject: Re: svn commit: r369684 - in head/shells/bash: . files Message-ID: <542C2EFC.6090302@FreeBSD.org> In-Reply-To: <201410010335.s913ZD6R006655@svn.freebsd.org> References: <201410010335.s913ZD6R006655@svn.freebsd.org>
next in thread | previous in thread | raw e-mail | index | archive | help
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On 2014-09-30 23:35:13 -0400, Bryan Drewery wrote: > Author: bdrewery Date: Wed Oct 1 03:35:12 2014 New Revision: > 369684 URL: http://svnweb.freebsd.org/changeset/ports/369684 QAT: > https://qat.redports.org/buildarchive/r369684/ > > Log: Add RedHat's patch for CVE-2014-7186, commonly known as > "redir_stack" overflow, which has not been shown to be as critical > as "shellshock" currently. > > Security: CVE-2014-7186 Thanks! BTW, this patch also fixes CVE-2014-7187. http://www.openwall.com/lists/oss-security/2014/09/26/2 FYI, 4.3 Patchlevel 27 fixed two more CVEs, i.e., CVE-2014-6277 and CVE-2014-6278. https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6277 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6278 Jung-uk Kim -----BEGIN PGP SIGNATURE----- Version: GnuPG v2 iQEcBAEBAgAGBQJULC78AAoJEHyflib82/FGLU4H/1Rb5XpN9qjYr0np6lP+EIto +k+NWSW8m2y0C6qL73sS0ceJUZRN91KUwNMk9/UN6J/i4DQI8a84wZCYrTRu87V7 /KUVm95qL90ZQHPlmHD7H/CTWF/UqAkfoDHBueFyp6imRH0soW5KulJ4m78SiNH1 iijnd5EQCURCuNGoPRcn+pcXXBBxhiQ/Cl81AN1Pcde0jGVw+M+H5xnLqxgJr+8/ IW4J5qMfSXTITKZc9ri8CU94lQurPFQ8dn2eVsPZN2e3SC237vSEXKYCnaxG6Ffh ZWFuV83J3G7c2dBTdzSRq6hVKro48WKvzBecqmp4Og7AxBYuV4ysdoUz95oAyeY= =HibU -----END PGP SIGNATURE-----
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?542C2EFC.6090302>