[ntp:security] Bash fix incomplete -- still exploitable

Brad Knowles brad at shub-internet.org
Thu Sep 25 11:35:47 UTC 2014

On Sep 25, 2014, at 12:20 AM, Harlan Stenn <stenn at ntp.org> wrote:

> Thanks - let's discuss this (and what we should do about it) on an
> internal sysadmin list, not the NTP security list.

Fair enough.

> Or am I missing something?

I wasn't aware of the split in functionality on this issue, but now that you mention it, that does make sense.


Brad Knowles <brad at shub-internet.org>
LinkedIn Profile: <http://tinyurl.com/y8kpxu>

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 801 bytes
Desc: Message signed with OpenPGP using GPGMail
URL: <http://lists.ntp.org/private/security/attachments/20140925/1cb9c8d3/attachment.sig>

More information about the security mailing list