[Top][All Lists]

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

buffer overflow errors

From: Smokey Mtn Digital Hams
Subject: buffer overflow errors
Date: Sat, 3 Jan 2015 18:50:40 -0500

Configuration Information [Automatically generated, do not change]:
Machine: i686
OS: linux-gnu
Compiler: gcc
Compilation CFLAGS:  -DPROGRAM='bash' -DCONF_HOSTTYPE='i686' -DCONF_OSTYPE='linux-gnu' -DCONF_MACHTYPE='i686-pc-linux-gnu' -DCONF_VENDOR='pc' -DLOCALEDIR='/usr/share/locale' -DPACKAGE='bash' -DSHELL -DHAVE_CONFIG_H   -I.  -I../. -I.././include -I.././lib  -D_FORTIFY_SOURCE=2 -g -O2 -fstack-protector --param=ssp-buffer-size=4 -Wformat -Werror=format-security -Wall
uname output: Linux Freestyle 3.11.0-12-generic #19-Ubuntu SMP Wed Oct 9 16:12:00 UTC 2013 i686 i686 i686 GNU/Linux
Machine Type: i686-pc-linux-gnu

Bash Version: 4.3
Patch Level: 11
Release Status: release

Log files are showing an increased level of buffer overflows from common CLI usage and scripts that previously did not result in excessive overflows being passed.

Mostly this is from interactive CLI usage and commands passed from well written GUI scripts (mostly py). Some bash scripts are involved. The same scripts passed to zsh (edited appropriately) do not result in this level of buffer overflow.

When I use zsh or rollback to a previous version of bash (pre-March 2014) it returns to previous level of issues (minimal with occasional overflows). The issue with this fix is the obvious, security issue over the summer made it dangerous to use an unpatched bash.

Electronic mail (email) is not a confidential form of communication.  In order to ensure confidentiality and to protect your privacy, please use discretion when sending information that is sensitive in nature.

reply via email to

[Prev in Thread] Current Thread [Next in Thread]