oss-sec mailing list archives

Re: More parser odities

From: Hanno Böck <hanno () hboeck de>
Date: Thu, 2 Oct 2014 07:43:04 +0200

Am Wed, 1 Oct 2014 19:44:38 -0700
schrieb Michal Zalewski <lcamtuf () coredump cx>:

Anyway, I think that the confusion stemmed mostly from fairly
inaccurate "vanity" pages, news articles, and "vulnerability checkers"
that pulled off stuff like this
(https://shellshocker.net/shellshock_test.sh):


I feel somewhat guilty here because I wrote one of the more popular
scripts out there [1]. It has been referenced in a number of somewhat
incorrect reportings about the apple update.

I'll add some clarification to the docs and will change the script in a
way that the output is less scary if the prefix-patch is installed.

[1] https://github.com/hannob/bashcheck

-- 
Hanno Böck
http://hboeck.de/

mail/jabber: hanno () hboeck de
GPG: BBB51E42

Attachment: signature.asc
Description:

Current thread:

More parser odities Kobrin, Eric (Oct 01)
- Re: More parser odities Kobrin, Eric (Oct 01)
  - Re: More parser odities Solar Designer (Oct 01)
    - Re: More parser odities Tavis Ormandy (Oct 01)
    - Re: More parser odities Solar Designer (Oct 01)
    - Re: More parser odities Michal Zalewski (Oct 01)
    - Re: More parser odities Solar Designer (Oct 01)
    - Re: More parser odities Solar Designer (Oct 01)
    - Re: More parser odities Hanno Böck (Oct 01)
    - Re: More parser odities Chet Ramey (Oct 01)