oss-sec mailing list archives
Re: Shellshock timeline (was: CVE-2014-6271: remote code execution through bash)
From: Eric Blake <eblake () redhat com>
Date: Mon, 06 Oct 2014 09:03:46 -0600
On 10/05/2014 08:11 AM, David A. Wheeler wrote:
Everyone: Thank you VERY MUCH for your timeline corrections and additions on shellshock. My updated document is here: http://www.dwheeler.com/essays/shellshock.html The updated timeline is here: http://www.dwheeler.com/essays/shellshock.html#timeline
You list the release of bash43-026 twice, ten hours apart. You should add the recent release of bash43-030 for CVE-2014-6278: https://lists.gnu.org/archive/html/bug-bash/2014-10/msg00040.html 5 Oct 2014 19:06:06 -0400 -- Eric Blake eblake redhat com +1-919-301-3266 Libvirt virtualization library http://libvirt.org
Attachment:
signature.asc
Description: OpenPGP digital signature
Current thread:
- Re: Shellshock timeline (was: CVE-2014-6271: remote code execution through bash), (continued)
- Re: Shellshock timeline (was: CVE-2014-6271: remote code execution through bash) Kobrin, Eric (Oct 03)
- Re: Shellshock timeline (was: CVE-2014-6271: remote code execution through bash) Stephane Chazelas (Oct 03)
- Re: Shellshock timeline (was: CVE-2014-6271: remote code execution through bash) Kobrin, Eric (Oct 03)
- Re: Shellshock timeline (was: CVE-2014-6271: remote code execution through bash) Riot (Oct 03)
- Re: Shellshock timeline (was: CVE-2014-6271: remote code execution through bash) Riot (Oct 03)
- Re: Shellshock timeline (was: CVE-2014-6271: remote code execution through bash) Stephane Chazelas (Oct 04)
- Re: Shellshock timeline (was: CVE-2014-6271: remote code execution through bash) Hanno Böck (Oct 04)
- Re: Shellshock timeline (was: CVE-2014-6271: remote code execution through bash) Steve Jones (Oct 04)
- Re: Shellshock timeline (was: CVE-2014-6271: remote code execution through bash) Lance Davis (Oct 04)
- Re: Shellshock timeline (was: CVE-2014-6271: remote code execution through bash) David A. Wheeler (Oct 05)
- Re: Shellshock timeline (was: CVE-2014-6271: remote code execution through bash) Eric Blake (Oct 06)
- Re: Shellshock timeline (was: CVE-2014-6271: remote code execution through bash) Stephane Chazelas (Oct 03)
- Re: Shellshock timeline (was: CVE-2014-6271: remote code execution through bash) Kobrin, Eric (Oct 03)
- Re: Shellshock timeline Stephane Chazelas (Oct 03)
- Stéphane Chazelas: How *DID* you find Shellshock? David A. Wheeler (Oct 08)
- Re: Stéphane Chazelas: How *DID* you find Shellshock? stephane.chazelas (Oct 08)
- Re: Shellshock timeline Eric Blake (Oct 03)