aibohphobia Posted September 30, 2014 Share Posted September 30, 2014 root@Pineapple:~# cat /etc/pineapple/pineapple_version2.0.4root@Pineapple:~# env x='() { :;}; echo vulnerable' bash -c "echo pineapple found."vulnerablepineapple found. root@Pineapple:~# opkg list-installed | grep bashbash - 4.2-3 root@Pineapple:~# opkg updateDownloading http://cloud.wifipineapple.com/mk5/packages/Packages.gz. Updated list of available packages in /var/opkg-lists/pineapple_packages.root@Pineapple:~# opkg list-upgradableroot@Pineapple:~# _ Any plans for an update for bash? And yes, I do know root is running /bin/ash. That's not the issue. Quote Link to comment Share on other sites More sharing options...
newbi3 Posted September 30, 2014 Share Posted September 30, 2014 The next firmware release will be patched Quote Link to comment Share on other sites More sharing options...
Sebkinne Posted September 30, 2014 Share Posted September 30, 2014 Yup, it's already patched and will be released soon with other fixed and a few more features, mainly focusing on security. There is no immediate need to fix shellshock, at least not as it's own firmware release. It's going to be shipped in the next firmware, to be released soon. Best regards, Sebkinne Quote Link to comment Share on other sites More sharing options...
3mrgnc3 Posted September 30, 2014 Share Posted September 30, 2014 Hi Seb, Are you going to be upgrading the web config interface to https for the next fw release? Well done and good work on everything so far btw. cheers. Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.