Errata overview
Errata ID 213
Date 2014-09-25
Source package bash
Fixed in version 4.1-3.33.201409251312
Stephane Chazelas discovered a vulnerability in bash, the GNU
Bourne-Again Shell, related to how environment variables are
processed. In many common configurations, this vulnerability is
exploitable over the network, especially if bash has been configured
as the system shell.
Additional notes
CVE ID CVE-2014-6271
UCS Bug number #35992