Ubuntu 14.04 has updates including one for bash so I assume that update fixed the issue in the subject header
I am running ubuntu / unity 14.04 with... $ bash --version GNU bash, version 4.3.11(1)-release (x86_64-pc-linux-gnu) ...and I would get this response to the vulnerability check... $ env x='() { :;}; echo vulnerable' bash -c "echo this is a test" vulnerable this is a test Last night I used the "Software Updater" GUI tool which updates from Ubuntu's mirror.xnet.co.nz repository and I noticed that one of the updates was for bash. After the update the version number for bash is still the same... $ bash --version GNU bash, version 4.3.11(1)-release (x86_64-pc-linux-gnu) ...However there is a change with the vulnerability check... $ env x='() { :;}; echo vulnerable' bash -c "echo this is a test" bash: warning: x: ignoring function definition attempt bash: error importing function definition for `x' this is a test cheers, Ian.
To: wlug(a)list.waikato.ac.nz Date: Fri, 26 Sep 2014 09:50:44 +1200 From: mailinglist(a)blahdeblah.co.nz Subject: Re: [wlug] Fwd: [NZLUG] ALERT: Remote code-exec in bash (CVE-2014-6271)
On Thu, 25 Sep 2014 10:35:36 +1200, Peter Reutemann wrote:
Typo...
Yes, I got that error too. Ubuntu 14.04 has updates including one for bash so I assume that update fixed the issue in the subject header _______________________________________________ wlug mailing list | wlug(a)list.waikato.ac.nz Unsubscribe: http://list.waikato.ac.nz/mailman/listinfo/wlug