Bash Code Injection Vulnerability via Specially Crafted Environment Variables

測試

env x='() { :;}; echo vulnerable' bash -c "echo this is a test"

Fix it

deb http://http.debian.net/debian/ squeeze main contrib non-free
deb http://security.debian.org/ squeeze/updates main contrib non-free
deb http://http.debian.net/debian squeeze-lts main contrib non-free

apt-get install --only-upgrade bash

# --only-upgrade: Do not install new packages;