[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [Help-bash] Patching shellshock fixes for 2.05
|
From: |
Mohan Kannekanti |
|
Subject: |
Re: [Help-bash] Patching shellshock fixes for 2.05 |
|
Date: |
Thu, 2 Oct 2014 14:01:14 -0700 |
Oh Cool.
Thanks a ton Chet. I do really appreciate your help on this, given the fact
that this software is too old to support.
Thanks,
Mohan.
On Thu, Oct 2, 2014 at 1:58 PM, Chet Ramey <address@hidden> wrote:
> On 10/2/14, 4:03 PM, Mohan Kannekanti wrote:
> > Hi Chet,
> >
> > Thanks for the reply.
> >
> > I am sorry, I am bit confused. Do you mean that 2.05 version is not
> > vulnerable at all or those patches should resolve that vulnerability.
>
> I mean it's not vulnerable. The test script you run is flawed:
>
> > bash: line 1: syntax error near unexpected token `;'
> > bash: line 1: `for x{1..200} in ; do :'
> > *CVE-2014-7187 (nested loops off by one): VULNERABLE*
>
> The test case uses a construct that was not available in bash-2.05.
>
> Chet
>
> --
> ``The lyf so short, the craft so long to lerne.'' - Chaucer
> ``Ars longa, vita brevis'' - Hippocrates
> Chet Ramey, ITS, CWRU address@hidden
> http://cnswww.cns.cwru.edu/~chet/
>
--
This electronic message, including attachments, is intended only for the
use of the individual or company named above or to which it is addressed.
The information contained in this message shall be considered confidential
and proprietary, and may include confidential work product. If you are not
the intended recipient, please be aware that any unauthorized use,
dissemination, distribution or copying of this message is strictly
prohibited. If you have received this email in error, please notify the
sender by replying to this message and deleting this email immediately.