FreshPorts - VuXML

This page displays vulnerability information about FreeBSD Ports.

The VUXML data was last processed by FreshPorts on 2024-04-16 19:33:48 UTC

List all Vulnerabilities, by package

List all Vulnerabilities, by date

k68

These are the vulnerabilities relating to the commit you have selected:

VuXML ID	Description
71ad81da-4414-11e4-a33e-3c970e169bc2	bash -- remote code execution vulnerability Chet Ramey reports: Under certain circumstances, bash will execute user code while processing the environment for exported function definitions. The original fix released for CVE-2014-6271 was not adequate. A similar vulnerability was discovered and tagged as CVE-2014-7169. Discovery 2014-09-24 Entry 2014-09-24 Modified 2014-09-25 bash bash-static gt 3.0 le 3.0.17 gt 3.1 le 3.1.18 gt 3.2 le 3.2.52 gt 4.0 le 4.0.39 gt 4.1 le 4.1.12 gt 4.2 le 4.2.48 gt 4.3 lt 4.3.25_1 linux_base-c6 < 6.5_1 CVE-2014-6271 CVE-2014-7169 https://securityblog.redhat.com/2014/09/24/bash-specially-crafted-environment-variables-code-injection-attack/ https://lists.gnu.org/archive/html/bug-bash/2014-09/msg00081.html http://seclists.org/oss-sec/2014/q3/690

VuXML ID

Description

71ad81da-4414-11e4-a33e-3c970e169bc2

bash -- remote code execution vulnerability

Chet Ramey reports:

Under certain circumstances, bash will execute user code while processing the environment for exported function definitions.

The original fix released for CVE-2014-6271 was not adequate. A similar vulnerability was discovered and tagged as CVE-2014-7169.

Discovery 2014-09-24
Entry 2014-09-24
Modified 2014-09-25
bash
bash-static

gt 3.0 le 3.0.17

gt 3.1 le 3.1.18

gt 3.2 le 3.2.52

gt 4.0 le 4.0.39

gt 4.1 le 4.1.12

gt 4.2 le 4.2.48

gt 4.3 lt 4.3.25_1

linux_base-c6

< 6.5_1

CVE-2014-6271
CVE-2014-7169
https://securityblog.redhat.com/2014/09/24/bash-specially-crafted-environment-variables-code-injection-attack/
https://lists.gnu.org/archive/html/bug-bash/2014-09/msg00081.html
http://seclists.org/oss-sec/2014/q3/690