On Wed, 24 Sep 2014 17:33:15 -0600 jd1008 <jd1...@gmail.com> wrote: > > On 09/24/2014 05:27 PM, Jared K. Smith wrote: > > > > On Wed, Sep 24, 2014 at 6:56 PM, Patrick O'Callaghan > > <pocallag...@gmail.com <mailto:pocallag...@gmail.com>> wrote: > > > > Can we assume a patched version of Bash will be released > > shortly? > > > > > > It's in updates-testing now, and has enough karma that it should be > > pushed stable the next time the packages are mashed. See > > https://admin.fedoraproject.org/updates/bash-4.3.22-3.fc21 for more > > details. > > > > -- > > Jared Smith > > > > > So, could someone explain the nature of the vulnerability?
https://securityblog.redhat.com/2014/09/24/bash-specially-crafted-environment-variables-code-injection-attack/ has a good writeup... along with: http://lwn.net/Articles/613032/ kevin
signature.asc
Description: PGP signature
-- users mailing list users@lists.fedoraproject.org To unsubscribe or change subscription options: https://admin.fedoraproject.org/mailman/listinfo/users Fedora Code of Conduct: http://fedoraproject.org/code-of-conduct Guidelines: http://fedoraproject.org/wiki/Mailing_list_guidelines Have a question? Ask away: http://ask.fedoraproject.org
