pkgsrc-Users archive

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]

pkg_admin audit: false alarm for bash-4.4.012 (CVE-2016-9401)?

To: pkgsrc-users%netbsd.org@localhost
Subject: pkg_admin audit: false alarm for bash-4.4.012 (CVE-2016-9401)?
From: Matthias Ferdinand <mf+ml.pkgsrc-users%netzwerkagentursaarland.de@localhost>
Date: Wed, 1 Feb 2017 16:41:19 +0100

Hi,

"pkg_admin audit" shows the following for bash:

    Package bash-4.4.012 has a security-bypass vulnerability, see http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9401

AFAICT this was fixed by patchfile bash44-006 (i.e. since bash-4.4.006).

Could you (somebody? :-) please update the vulnerabilities file?

Thank you
Matthias

Follow-Ups:
- Re: pkg_admin audit: false alarm for bash-4.4.012 (CVE-2016-9401)?
  - From: Sevan Janiyan

Prev by Date: Re: python27 on linux
Next by Date: Re: pkg_admin audit: false alarm for bash-4.4.012 (CVE-2016-9401)?
Previous by Thread: x11/x11vnc patch
Next by Thread: Re: pkg_admin audit: false alarm for bash-4.4.012 (CVE-2016-9401)?
Indexes:

Home | Main Index | Thread Index | Old Index