pkgsrc-Users archive

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]

Re: pkg_admin audit: false alarm for bash-4.4.012 (CVE-2016-9401)?

Hi Matthias,

On 01/02/2017 15:41, Matthias Ferdinand wrote:
> Could you (somebody? :-) please update the vulnerabilities file?

Thanks for the heads up.
The patch for this issue appears to be
According to
Thing is that while shells/bash 4.x version in the tree currently is not
vulnerable. shells/bash2 is still vulnerable which makes the listing
valid until the patch is applied there (unfortunately I'm not in a
position to patch the package at the moment so it may have to wait
another day, unless someone beats me to it).


Home | Main Index | Thread Index | Old Index