Re: [oss-security] CVE-2014-6271: remote code execution through bash

Tavis Ormandy just tweetet this:
https://twitter.com/taviso/status/514887394294652929

The bash patch seems incomplete to me, function parsing is still
brittle. e.g. $ env X='() { (a)=>\' sh -c "echo date"; cat echo

– Hanno Bock http://hboeck.de/ mail/jabber: [email protected] GPG: BBB51E42