Package: bash Version: 5.1-2+deb11u1 Severity: grave Tags: security upstream X-Debbugs-Cc: Debian Security Team <t...@security.debian.org>
Hi, according to RedHat, this bug was corrected in bash 5.1.8, but seems to be usable to conduct at least a local DOS. Enjoy, Toni -- System Information: Debian Release: 11.6 APT prefers stable-security APT policy: (990, 'stable-security'), (990, 'stable'), (500, 'stable-updates'), (500, 'unstable'), (500, 'testing') Architecture: amd64 (x86_64) Foreign Architectures: i386 Kernel: Linux 5.10.0-20-amd64 (SMP w/12 CPU threads) Kernel taint flags: TAINT_WARN Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.utf8 (charmap=UTF-8), LANGUAGE=en_US:en Shell: /bin/sh linked to /usr/bin/dash Init: systemd (via /run/systemd/system) LSM: AppArmor: enabled Versions of packages bash depends on: ii base-files 11.1+deb11u6 ii debianutils 4.11.2 ii libc6 2.31-13+deb11u5 ii libtinfo6 6.2+20201114-2 Versions of packages bash recommends: ii bash-completion 1:2.11-2 Versions of packages bash suggests: pn bash-doc <none> -- no debconf information