Re: [Tails-dev] Bash bug

Delete this message

Reply to this message
Author: anonym
Date:  
To: The Tails public development discussion list
Subject: Re: [Tails-dev] Bash bug
25/09/14 01:02, Jurre van Bergen wrote:
>
> Dear Tails users,
>
> As you might have heard there is a Bash vulnerability, I have created a
> temporary countermeasure write-up below.


Out of curiosity, have you (or any one else for that matter) come up
with a relevant exploit in Tails? I suppose I'm talking mostly about
actively supported (client-oriented) use cases -- it's obvious that any
one running a custom setup with a hidden service sshd with AcceptEnv,
for instance, is affected.

By the way, this will be fixed in the Tails 1.1.2 emergency release [1],
scheduled to be released later today (Thursday, CEST).

Cheers!

[1] The reason for the 1.1.2 release is not the bash bug, but the
Firefox bug: https://www.mozilla.org/security/announce/2014/mfsa2014-73.html