From owner-freebsd-ports@FreeBSD.ORG  Thu Sep 25 06:54:07 2014
Return-Path: <owner-freebsd-ports@FreeBSD.ORG>
Delivered-To: ports@freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org
 [IPv6:2001:1900:2254:206a::19:1])
 (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits))
 (No client certificate requested)
 by hub.freebsd.org (Postfix) with ESMTPS id C625DD61
 for <ports@freebsd.org>; Thu, 25 Sep 2014 06:54:07 +0000 (UTC)
Received: from a27-115.smtp-out.us-west-2.amazonses.com
 (a27-115.smtp-out.us-west-2.amazonses.com [54.240.27.115])
 (using TLSv1 with cipher ECDHE-RSA-AES128-SHA (128/128 bits))
 (Client did not present a certificate)
 by mx1.freebsd.org (Postfix) with ESMTPS id 9D28DBD2
 for <ports@freebsd.org>; Thu, 25 Sep 2014 06:54:07 +0000 (UTC)
DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/simple;
 s=hsbnp7p3ensaochzwyq5wwmceodymuwv; d=amazonses.com; t=1411628046;
 h=Date:From:To:Cc:Subject:Message-ID:References:MIME-Version:Content-Type:In-Reply-To:Feedback-ID;
 bh=OeN0YnQ21xwwcQx7vCmF4DUqbDpvMQ0QmqKROyIiY1c=;
 b=fKRA4pVsaDsOe+EEeUf5kN+U8bSrDorDdzzKQrwwCz7ixrznlqEYmNTpaj0s49q2
 DOMTllS3HAEM84F28kSgzKd3Iq7EYP3n6bcbGOzl7hYqhl/3CvuZqqmvvz27U/tDBC9
 rBeL2zQM/fEGyNNZ3gQVMrkrhKE7mxj0sj8yBlhQ=
DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/simple;
 s=7iuvfuckmdjngkit3px46zmjutqvp75o; d=vmeta.jp; t=1411628046;
 h=Date:From:To:Cc:Subject:Message-ID:References:MIME-Version:Content-Type:In-Reply-To;
 bh=OeN0YnQ21xwwcQx7vCmF4DUqbDpvMQ0QmqKROyIiY1c=;
 b=hBpTNp1N2A6Ffb+N+cTSUt2eV4MHDs7aF9UPcU5njqzMiSkBhaVLgFL/0Bk6mQl3
 zDCha7PLtfa+i7U9xQgbg3tiCseVPB3+0ibuYXSBQbDrBWOjhrcxjW9krDIaI4TrWsY
 7v8IyYfLfGrxZy6HNPsNbxzaYdpngx9cVs2XDG+M=
Date: Thu, 25 Sep 2014 06:54:06 +0000
From: Koichiro IWAO <meta@vmeta.jp>
To: "Riyaz T.K" <riyaz@admod.com>
Subject: Re: bash velnerability
Message-ID: <00000148ab969845-5940abcc-bb88-4111-8f7f-8671b0d0300b-000000@us-west-2.amazonses.com>
References: <CAHFU5H5WOnAXuFmfQEGkTvwoECATTCC3eKYE3yts+Bqh1M_8ww@mail.gmail.com>
MIME-Version: 1.0
Content-Type: text/plain; charset=iso-2022-jp
Content-Disposition: inline
In-Reply-To: <CAHFU5H5WOnAXuFmfQEGkTvwoECATTCC3eKYE3yts+Bqh1M_8ww@mail.gmail.com>
X-Operating-System: FreeBSD 10.1-BETA2 amd64
User-Agent: Mutt/1.5.23 (2014-03-12)
X-SES-Outgoing: 2014.09.25-54.240.27.115
Feedback-ID: us-west-2.bWV0YUB2bWV0YS5qcA==:AmazonSES
Cc: ports@freebsd.org
X-BeenThere: freebsd-ports@freebsd.org
X-Mailman-Version: 2.1.18-1
Precedence: list
List-Id: Porting software to FreeBSD <freebsd-ports.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/options/freebsd-ports>,
 <mailto:freebsd-ports-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-ports/>
List-Post: <mailto:freebsd-ports@freebsd.org>
List-Help: <mailto:freebsd-ports-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-ports>,
 <mailto:freebsd-ports-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Thu, 25 Sep 2014 06:54:07 -0000

Please let me make corrections.  The "shellshock" bash vulnerabilities are described by 2 CVEs.
 - CVE-2014-6271
 - CVE-2014-7169

The first CVE is already fixed in latest freebsd ports tree (r369185),
so far the second CVE is not fixed yet.

On Thu, Sep 25, 2014 at 11:58:30AM +0530, Riyaz T.K wrote:
> Hi,
> 
> https://www.freebsd.org/cgi/ports.cgi?query=The+GNU+Project%27s+Bourne+Again+SHell&stype=text&sektion=all
> 
> Is this version patched from the bash vulnerability?
> 
> https://access.redhat.com/articles/1200223
> 
> 
> 
> 
> -- 
> Riyaz T K
> Admod Technologies
> _______________________________________________
> freebsd-ports@freebsd.org mailing list
> http://lists.freebsd.org/mailman/listinfo/freebsd-ports
> To unsubscribe, send any mail to "freebsd-ports-unsubscribe@freebsd.org"

-- 
`whois vmeta.jp | nkf -w`
meta <meta@vmeta.jp>