Posts Tagged ‘ShellShock’

ShellShockShellShock vulnerability, which was assigned an identifier CVE-2014-6271, was fixed pretty quickly. However, after the elimination of gaps, has been found several vulnerabilities, which get the ID CVE-2014-7169, CVE-2014-7186 and CVE-2014-7187. Currently, there are updates that correct all the above gaps.

#1. Released the third update to fix the ShellShock vulnerability

Hotfix fixes several flaws discovered after removing the vulnerability CVE-2014-6271.

Red Hat engineer Florian Weimer released the third update to the shell Bash, what fixes a critical vulnerability ShellShock. This patch fixes several flaws discovered after the release of the first two updates.

Project Manager Chet Ramey adopted a Weimer’s patch and released it as an official update №27 for Bash 4.3 (bash43-027). The previous fix tried to eliminate the vulnerability ShellShock, but every time experts find more and more flaws. (more…)