Bash 2.05 Problems

J.A. Neitzel jan.listbox at
Sun Aug 12 11:29:37 PDT 2001

On Saturday 11 August 2001 14:23, Thomas M. Beaudry wrote:
> I brought this up once before but don't remember if I got an
> answer so I'll ask again.
> Why doesn't LFS apply the patches to bash-2.05?  Besides the
> obviously desirable fixes to bug buddy and file descriptor
> handling, they fix a number of buffer overruns.  I don't know
> if they could be a security risk in bash but they have been
> exploited in other programs to gain root access.

Do you mean the patches available via Chet Ramey's website at CWRU ?

Good question? Frankly, I don't why it's not mentioned in the book that 
one might want to get these patches and apply them. Personally, I always 
check for updated info at his website and apply these patches after 
checking why they were released. Some of them are geared toward platform 
specific problems (Solaris, AIX, etc.)... Still I apply em all.

Currently, there are 6 patches.
Plus a new & ...
Linux locutus 2.4.7 #1 Thu Aug 2 00:00:17 EST 2001 i686
Unsubscribe: send email to lfs-security-request at
and put unsubscribe in the subject header of the message

More information about the lfs-security mailing list