Fixing the GNU bash vulnerability (CVE-2014-6271)

by Michael Tremer, September 25, 2014

Do you like what you are reading? Subscribe to our newsletter and don't miss out on the latest...   Join Now

There is an other severe security issue in almost every device that is running Linux or BSD. The GNU bash shell is vulnerable as it will execute random commands from the shell environment. IPFire is – as every other distribution as well – vulnerable to this issue filed under CVE-2014-6271 and a fix has been applied to the code yesterday.

Unfortunately, this patch does not fix the problem completely. As soon as there is a proper fix that resolves the problem and has been well tested, we will release the next Core Update.

Until then, we are tracking the issue on the IPFire bugtracker under bug id #10631.