[Secure-testing-commits] r45135 - data/CVE
Salvatore Bonaccorso
carnil at moszumanska.debian.org
Fri Oct 7 15:00:29 UTC 2016
Author: carnil
Date: 2016-10-07 15:00:29 +0000 (Fri, 07 Oct 2016)
New Revision: 45135
Modified:
data/CVE/list
Log:
Add patch reference for CVE-2016-7543/bash for the 4.3 series
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2016-10-07 14:37:51 UTC (rev 45134)
+++ data/CVE/list 2016-10-07 15:00:29 UTC (rev 45135)
@@ -2798,9 +2798,8 @@
[wheezy] - bash <not-affected> (Problem not reproducible)
NOTE: http://www.openwall.com/lists/oss-security/2016/09/26/9
NOTE: Default shell is dash which is not vulnerable, but bash in Jessie and
- NOTE: Wheezy are affected. Or actually it is not possible to reproduce
- NOTE: the problem. It should definitely be as it is not a timing issue.
- NOTE: Probably solved by the fact that SHELLOPTS is a read-only variable.
+ NOTE: Wheezy are affected.
+ NOTE: Fixed by (4.3): https://ftp.gnu.org/pub/gnu/bash/bash-4.3-patches/bash43-048
CVE-2016-7542
RESERVED
CVE-2016-7541
More information about the Secure-testing-commits
mailing list