[SECURITY] debian-lts-announce@lists.debian.org

2014-09-24T15:22:47
ID DEBIAN:ACBAE732DF5CF430594D30872D7BB6CA:B482A
Type debian
Reporter Debian
Modified 2014-09-24T15:22:47

Description

Package : bash Version : 4.1-3+deb6u1 CVE ID : CVE-2014-6271

Stephane Chazelas discovered a vulnerability in bash, the GNU Bourne-Again Shell, related to how environment variables are processed. In many common configurations, this vulnerability is exploitable over the network, especially if bash has been configured as the system shell.