Mailinglist Archive: opensuse-security (24 mails)

< Previous Next >
RE: [opensuse-security] Additional security patches for bash in 11.4 Evergreen?
Ok, thank you for the clarification.

-Andrew

-----Original Message-----
From: Marcus Meissner [mailto:meissner@xxxxxxx]
Sent: Wednesday, October 01, 2014 10:39 AM
To: Andrew Chace
Cc: opensuse-security@xxxxxxxxxxxx
Subject: Re: [opensuse-security] Additional security patches for bash in 11.4
Evergreen?

On Wed, Oct 01, 2014 at 03:15:30PM +0000, Andrew Chace wrote:
Hello,

I read the recent announcement regarding the end of maintenance for openSUSE
11.4 Evergreen. I really appreciate the patches for openSUSE-SU-2014:1238-1
(CVE-2014-6271) that were issued just after this announcement was made.

My question is as follows: Are there any plans to issue patches for related
CVEs that were posted shortly after CVE-2014-6271 (for example, 6277, 6278,
7169, 7186, and 7187)?

For Evergreen 11.4, the evergreen team disabled this dangerous function import
over environment variables feature completely.

So it is no longer affected by those issues.

Ciao, Marcus
--
To unsubscribe, e-mail: opensuse-security+unsubscribe@xxxxxxxxxxxx
To contact the owner, e-mail: opensuse-security+owner@xxxxxxxxxxxx

< Previous Next >
List Navigation