25/09/14 01:02, Jurre van Bergen wrote:
>
> Dear Tails users,
>
> As you might have heard there is a Bash vulnerability, I have created a
> temporary countermeasure write-up below.
Out of curiosity, have you (or any one else for that matter) come up
with a relevant exploit in Tails? I suppose I'm talking mostly about
actively supported (client-oriented) use cases -- it's obvious that any
one running a custom setup with a hidden service sshd with AcceptEnv,
for instance, is affected.
By the way, this will be fixed in the Tails 1.1.2 emergency release [1],
scheduled to be released later today (Thursday, CEST).
Cheers!
[1] The reason for the 1.1.2 release is not the bash bug, but the
Firefox bug:
https://www.mozilla.org/security/announce/2014/mfsa2014-73.html
