Am 02.10.2014 um 19:08 schrieb Bruno Wolff III: > On Thu, Oct 02, 2014 at 13:05:27 -0400, > Matthew Miller <mat...@fedoraproject.org> wrote: >> >> For the case of arbitrary variables (like USER_AGENT), the problem is >> closed, because now only variables prefixed BASH_FUNC_ and with a suffix of >> () in our current patch or %% upstream are scanned for function definitions. > > Thanks for the update. I had read something about that change, > but didn't know it was done upstream and in Fedora
also don't forget that currently a lot of people look into bash in security context because of the things happened short ago and it's wide use besides that the known issues are fixed it could go easily in the wrong direction switch to something different which may also have it's own issues nobody cared until now and has less focus in security context than bash now has
signature.asc
Description: OpenPGP digital signature
-- devel mailing list devel@lists.fedoraproject.org https://admin.fedoraproject.org/mailman/listinfo/devel Fedora Code of Conduct: http://fedoraproject.org/code-of-conduct
