From: Kulesho
To: n j, "freebsd-security@freebsd.org FreeBSD-security"
Subject: Re: Bash ShellShock bug(s)
Date: Mon, 29 Sep 2014 14:36:23 +0400
Message-Id: <2709351411986983@web15m.yandex.ru>

Thank you for the explanation! Now I can sleep calmly.

29.09.2014, 13:27, "n j":
> Hi,
>
> On Mon, Sep 29, 2014 at 9:55 AM, Patrick Proniewski wrote:
>> On 29 sept. 2014, at 09:34, Кулешов Алексей wrote:
>>> Right. Okay then, here it is:
>>>
>>> # pkg remove bash
>>> ... change 'bash' to 'sh' in bashcheck ...
>>> # sh bashcheck
>>> Not vulnerable to CVE-2014-6271 (original shellshock)
>>> Not vulnerable to CVE-2014-7169 (taviso bug)
>>> Not vulnerable to CVE-2014-7186 (redir_stack bug)
>>> Vulnerable to CVE-2014-7187 (nessted loops off by one)
>>> Variable function parser inactive, likely safe from unknown parser bugs
>>>
>>> So, there is no bash on my system anymore, but the script says it has one
>>> vulnerability.
>>> Is it actually a vulnerability, or is it me who must take a good sleep? :)
>> This is odd. As far as I know, no one reported sh as being vulnerable to
>> CVE-2014-7187. But maybe it's only on FreeBSD... I don't have an answer to
>> that.
>
> I'd say the test is not relevant for sh. The line that tests for
> CVE-2014-7187 uses the {1..200} construct, which is not understood by sh.
>
> E.g.
> sh$ for i in {1..5}; do echo -n $i; done
> {1..5}
> bash$ for i in {1..5}; do echo -n $i; done
> 12345
>
> Br,
> --
> Nino
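
Nino's point in the quoted reply, as an added example that is not part of the thread or of the bashcheck script: before trusting a "Vulnerable to CVE-2014-7187" line, probe whether the shell under test expands brace ranges at all. The function names and the {1..3} probe are assumptions made for this illustration.

```shell
#!/bin/sh
# Added example (not from bashcheck): decide whether a test that relies on
# a {1..N} brace range is meaningful for a given shell.

# Classify what a shell printed for the probe `echo {1..3}`.
classify_expansion() {
    case "$1" in
        "1 2 3")  echo expanded ;;  # bash-style brace range expansion
        "{1..3}") echo literal ;;   # plain sh: the word is passed through unchanged
        *)        echo unknown ;;
    esac
}

# Run the probe in the shell named by $1 (a command name or a path).
probe_shell() {
    command -v "$1" >/dev/null 2>&1 || { echo missing; return 0; }
    out=$("$1" -c 'echo {1..3}' 2>/dev/null) || { echo unknown; return 0; }
    classify_expansion "$out"
}

# Say how a result from a brace-range based test should be read for shell $1.
verdict_meaning() {
    case "$(probe_shell "$1")" in
        expanded) echo "test applies" ;;
        literal)  echo "test not applicable" ;;
        missing)  echo "shell not installed" ;;
        *)        echo "inconclusive" ;;
    esac
}

# Report on the two shells discussed in the thread.
for s in sh bash; do
    printf '%s: %s\n' "$s" "$(verdict_meaning "$s")"
done
```

On a system where sh is itself bash, the probe reports "test applies" for sh, which is the correct reading there.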