[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Bug in bash <= 4.3 [security feature bypassed]

Hi everyone,

Recently we discovered a bug in bash. After some time after reporting
it to bash developers, it has not been fixed.

We think that this is a security issue because in some circumstances
the bash security feature could be bypassed allowing the bash to be a
valid target shell in an attack.

We strongly recommend to patch your bash code.

Why don't fix this bug by simple adding mandatory "if" clause ?
Any comments about this issue are welcomed.

Details at:

Thanks you,

Hector Marco