From owner-freebsd-security@FreeBSD.ORG  Tue Sep 30 21:25:17 2014
Return-Path: <owner-freebsd-security@FreeBSD.ORG>
Delivered-To: freebsd-security@freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115])
 (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits))
 (No client certificate requested)
 by hub.freebsd.org (Postfix) with ESMTPS id C4C75DE;
 Tue, 30 Sep 2014 21:25:17 +0000 (UTC)
Received: from mail-in2.apple.com (mail-out2.apple.com [17.151.62.25])
 (using TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits))
 (Client did not present a certificate)
 by mx1.freebsd.org (Postfix) with ESMTPS id 9783CFAF;
 Tue, 30 Sep 2014 21:25:17 +0000 (UTC)
Received: from mail-out.apple.com (honeycrisp.apple.com [17.151.62.51])
 (using TLS with cipher RC4-MD5 (128/128 bits))
 (Client did not present a certificate)
 by mail-in2.apple.com (Apple Secure Mail Relay) with SMTP id
 2B.20.26497.DBF1B245; Tue, 30 Sep 2014 14:25:17 -0700 (PDT)
MIME-version: 1.0
Content-transfer-encoding: 7BIT
Content-type: text/plain; CHARSET=US-ASCII
Received: from relay3.apple.com ([17.128.113.83]) by local.mail-out.apple.com
 (Oracle Communications Messaging Server 7.0.5.30.0 64bit (built Oct
 22 2013))
 with ESMTP id <0NCQ00JK6GTF4EA1@local.mail-out.apple.com>; Tue,
 30 Sep 2014 14:25:17 -0700 (PDT)
X-AuditID: 11973e11-f79f76d000006781-f6-542b1fbd3a06
Received: from [17.149.232.248] (Unknown_Domain [17.149.232.248])
 (using TLS with cipher AES128-SHA (128/128 bits))
 (Client did not present a certificate)	by relay3.apple.com (Apple SCV relay)
 with SMTP id 42.D7.08757.0CF1B245; Tue, 30 Sep 2014 14:25:20 -0700 (PDT)
Subject: Re: bash velnerability
From: Charles Swiger <cswiger@mac.com>
In-reply-to: <542B087D.3040903@FreeBSD.org>
Date: Tue, 30 Sep 2014 14:25:15 -0700
Message-id: <CC9931CC-6BEA-4416-9546-42D6E49C1129@mac.com>
References: <CAHFU5H5WOnAXuFmfQEGkTvwoECATTCC3eKYE3yts+Bqh1M_8ww@mail.gmail.com>
 <00000148ab969845-5940abcc-bb88-4111-8f7f-8671b0d0300b-000000@us-west-2.amazonses.com>
 <54243F0F.6070904@FreeBSD.org> <54244982.8010002@FreeBSD.org>
 <16EB2C50-FBBA-4797-83B0-FB340A737238@circl.lu> <542596E3.3070707@FreeBSD.org>
 <CAHcXP+dx2etYgQPNiAxk2P68Z-4j+bTvdMoHfz+xKsBDKh9Z9g@mail.gmail.com>
 <5425999A.3070405@FreeBSD.org> <5425A548.9090306@FreeBSD.org>
 <5425D427.8090309@FreeBSD.org> <54298266.1090201@sentex.net>
 <5429851B.8060500@FreeBSD.org> <542AFC54.9010405@FreeBSD.org>
 <542B087D.3040903@FreeBSD.org>
To: Bryan Drewery <bdrewery@FreeBSD.org>
X-Mailer: Apple Mail (2.1878.6)
X-Brightmail-Tracker: H4sIAAAAAAAAA+NgFtrLLMWRmVeSWpSXmKPExsUiON3OWHevvHaIwZmFnBYntnxgsdh0+C2j
 Rc+mJ2wWKz9fZXJg8ZjxaT5LAGMUl01Kak5mWWqRvl0CV8amiy+ZCq6yVbw7tp69gXEnaxcj
 J4eEgInEhPnLWSBsMYkL99azgdhCAnOYJO51ioHYvAKCEj8m3wOq4eBgFpCXOHheFiTMLKAl
 8f1RK1CYC6i8iUnizqSPrCA1IDOvt7NDxPuZJP70PASbLwzU29BwkA2khk1ATWLCRB6QMKeA
 tsS1zudg57AIqEo0dE8F62UWWMgo0XBiMdhMXgEriY37DSFOe8wi8WetJ4gtIqAh8b/1EjPE
 +fISHz4cB+uVEJjEJvH6zkGWCYzCs5C8MAvhhVlIXljAyLyKUSg3MTNHNzPPSC+xoCAnVS85
 P3cTIyS8BXcwHl9ldYhRgINRiYeXQ14rRIg1say4MvcQozQHi5I479lzmiFCAumJJanZqakF
 qUXxRaU5qcWHGJk4OKUaGDMz9jHMypBhuFlh3uo+8wRjhNnvZW3rxVYVaD6JyHkoWD5tR80+
 15Z31VPOHNXT2XDhxhvp1j/RpT8SN4Z4cHx6HvlQL6zlM69/MdsDbXatt80dBqJnL7w/acaw
 caurhIGNt9fz/OYlFXZffCU3r35YMWGNq3G038QjfafehR3XyAu6r3uyTYmlOCPRUIu5qDgR
 AKm2csRQAgAA
X-Brightmail-Tracker: H4sIAAAAAAAAA+NgFtrELMWRmVeSWpSXmKPExsUiOPXFD90D8tohBite6Fmc2PKBxWLT4beM
 Fj2bnrBZrPx8lcli06xZ7A6sHjM+zWfxOHzrP1sAUxSXTUpqTmZZapG+XQJXxs2ljxgL3rNV
 fHswi7WB8QRrFyMHh4SAicT1dvYuRk4gU0ziwr31bF2MXBxCAv1MEtumnmcDSTAL6EnsuP6L
 FcTmFTCQWLJrEzOILSwgL9HQcJANZA6bgJrEhIk8IGFOAW2Jr+vbwFpZBFQlGrqnsoPMZBZY
 zChxcvMMJoiZ2hLLFr5mhphpJTFldiM7xOKLLBJ/Jy0D6xYR0JD433qJGeI6eYkPH46zT2Dk
 n4XkpllIbpqFZO4CRuZVjAJFqTmJlcZ6iQUFOal6yfm5mxhBIdlQGLyD8c8yq0OMAhyMSjy8
 kRu0QoRYE8uKK3MPMUpwMCuJ8LrKaIcI8aYkVlalFuXHF5XmpBYfYpTmYFES5/1ZrhIiJJCe
 WJKanZpakFoEk2Xi4JRqYGQzTtVeyLBl8695PeXTHPQc5FdVSW9J6ylyqdy6USFD5qfpb/P6
 5g+/d1m2yJctK+c+Ylv2VtlB/LWWNJeH9fQH090O9JZULJK9VvdQYeKTX+pTghTn1NfO2stT
 s+lTz17hWln2qfMvijVUGy7TjGZn/349b/aKAzkvyk8JWtfN/yzoyrjbX4mlOCPRUIu5qDgR
 AJqUDc9FAgAA
Cc: freebsd-security <freebsd-security@freebsd.org>,
 freebsd-ports <freebsd-ports@freebsd.org>, Jung-uk Kim <jkim@FreeBSD.org>
X-BeenThere: freebsd-security@freebsd.org
X-Mailman-Version: 2.1.18-1
Precedence: list
List-Id: "Security issues \[members-only posting\]"
 <freebsd-security.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/options/freebsd-security>, 
 <mailto:freebsd-security-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-security/>
List-Post: <mailto:freebsd-security@freebsd.org>
List-Help: <mailto:freebsd-security-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-security>, 
 <mailto:freebsd-security-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Tue, 30 Sep 2014 21:25:18 -0000

On Sep 30, 2014, at 12:46 PM, Bryan Drewery <bdrewery@FreeBSD.org> wrote:
[ ... ]
> I even saw a reddit post last night complaining that OSX had updated
> bash only to leave it "still vulnerable" because of the redir_stack issue.

It doesn't seem to be?

bash-3.2$ bash --version
GNU bash, version 3.2.53(1)-release (x86_64-apple-darwin13)
Copyright (C) 2007 Free Software Foundation, Inc.

bash-3.2$ echo "Testing Exploit 4 (CVE-2014-7186)"
Testing Exploit 4 (CVE-2014-7186)
bash-3.2$ CVE7186="$(bash -c 'true <<EOF <<EOF <<EOF <<EOF <<EOF <<EOF <<EOF <<EOF <<EOF <<EOF <<EOF <<EOF <<EOF <<EOF' 2>/dev/null ||echo -n V)"
bash-3.2$ [ "${CVE7186}" == "V" ] && echo "VULNERABLE" || echo "NOT VULNERABLE"
NOT VULNERABLE

This being said, I'm not confident that there won't be further issues found with bash....

Regards,
-- 
-Chuck