Porteus

Porteus User Forum
https://forum.porteus.org/

Bash bug

https://forum.porteus.org/viewtopic.php?f=113&t=3901

Page 4 of 4

Re: Bash bug

Posted: 18 Oct 2014, 07:50
by neko
usm-latest-0.0-noarch-1 of both 001-core4.xzms was updated.

core5.tar
http://www.mediafire.com/download/22w4o ... /core5.tar

is constructed with

32bit/
32bit/001-core5.xzm.md5
32bit/001-core5.xzm
64bit/
64bit/001-core5.xzm.md5
64bit/001-core5.xzm

Re: Bash bug

Posted: 19 Oct 2014, 10:40
by neko
The "bash"s of 32bit/64bit version3.1-rc1 001-core.xzm were updated.

core.v3.1-rc1.tar
http://www.mediafire.com/download/zwm7j ... .1-rc1.tar

is constructed with
32bit/
32bit/001-core2.xzm
32bit/001-core2.xzm.md5
64bit/
64bit/001-core2.xzm
64bit/001-core2.xzm.md5

Thanks.

=========================
[bash test of 32bit version3.1-rc1 001-core.xzm]
guest$ bashcheck.txt
Testing /usr/bin/bash ...
GNU bash, version 4.2.50(2)-release (i486-slackware-linux-gnu)

Variable function parser pre/suffixed [%%, upstream], bugs not exploitable
Not vulnerable to CVE-2014-6271 (original shellshock)
Not vulnerable to CVE-2014-7169 (taviso bug)
Not vulnerable to CVE-2014-7186 (redir_stack bug)
Test for CVE-2014-7187 not reliable without address sanitizer
Found non-exploitable CVE-2014-6277 (lcamtuf bug #1)
Found non-exploitable CVE-2014-6278 (lcamtuf bug #2)


root# bashcheck.txt
Testing /bin/bash ...
GNU bash, version 4.2.50(2)-release (i486-slackware-linux-gnu)

Variable function parser pre/suffixed [%%, upstream], bugs not exploitable
Not vulnerable to CVE-2014-6271 (original shellshock)
Not vulnerable to CVE-2014-7169 (taviso bug)
Found non-exploitable CVE-2014-7186 (redir_stack bug)
Test for CVE-2014-7187 not reliable without address sanitizer
Found non-exploitable CVE-2014-6277 (lcamtuf bug #1)
Found non-exploitable CVE-2014-6278 (lcamtuf bug #2)

=========================
[bash test of 32bit version3.1-rc1 001-core2.xzm]
guest$ bashcheck.txt
Testing /usr/bin/bash ...
GNU bash, version 4.2.25(1)-release (i686-pc-linux-gnu)

Variable function parser pre/suffixed [%%, upstream], bugs not exploitable
Not vulnerable to CVE-2014-6271 (original shellshock)
Not vulnerable to CVE-2014-7169 (taviso bug)
Not vulnerable to CVE-2014-7186 (redir_stack bug)
Test for CVE-2014-7187 not reliable without address sanitizer
Not vulnerable to CVE-2014-6277 (lcamtuf bug #1)
Not vulnerable to CVE-2014-6278 (lcamtuf bug #2)


root# bashcheck.txt
Testing /bin/bash ...
GNU bash, version 4.2.25(1)-release (i686-pc-linux-gnu)

Variable function parser pre/suffixed [%%, upstream], bugs not exploitable
Not vulnerable to CVE-2014-6271 (original shellshock)
Not vulnerable to CVE-2014-7169 (taviso bug)
Not vulnerable to CVE-2014-7186 (redir_stack bug)
Test for CVE-2014-7187 not reliable without address sanitizer
Not vulnerable to CVE-2014-6277 (lcamtuf bug #1)
Not vulnerable to CVE-2014-6278 (lcamtuf bug #2)

=========================
All times are UTC
Page 4 of 4
Powered by phpBB® Forum Software © phpBB Limited
https://www.phpbb.com/