[OE-core] [PATCH 4/4] bash: Fix-for-CVE-2014-6278
Paul Eggleton
paul.eggleton at linux.intel.com
Fri Oct 10 16:54:30 UTC 2014
On Thursday 09 October 2014 14:25:15 Sona Sarmadi wrote:
> From: Catalin Popeanga <Catalin.Popeanga at enea.com>
>
> This vulnerability exists because of an incomplete fix for CVE-2014-6271,
> CVE-2014-7169, and CVE-2014-6277
>
> See: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6278
>
> Signed-off-by: Catalin Popeanga <Catalin.Popeanga at enea.com>
I've build and runtime tested both versions of bash with these patches using
shellshocker, and also double-checked that no regressions have been triggered
for the 4.x version. Thanks!
Acked-by: Paul Eggleton <paul.eggleton at linux.intel.com>
Cheers,
Paul
--
Paul Eggleton
Intel Open Source Technology Centre
More information about the Openembedded-core
mailing list