Tavis Ormandy discovered that the security fix for Bash included in USN-2362-1 was incomplete. An attacker could use this issue to bypass certain environment restrictions. (CVE-2014-7169)
{ "availability": "No subscription required", "binaries": [ { "binary_version": "4.3-7ubuntu1.2", "binary_name": "bash" }, { "binary_version": "4.3-7ubuntu1.2", "binary_name": "bash-builtins" }, { "binary_version": "4.3-7ubuntu1.2", "binary_name": "bash-doc" }, { "binary_version": "4.3-7ubuntu1.2", "binary_name": "bash-static" } ] }