Slashdot Mirror

← Back to Stories (view on slashdot.org)

Apple Yet To Push Patch For "Shellshock" Bug

Posted by timothy on from the everyone-has-their-reasons dept.

An anonymous reader writes "Open source operating systems vulnerable to the Shellshock bug have already pushed two patches to fix the vulnerability, but Apple has yet to issue one for Mac OS X. Ars Technica speculates that licensing issues may be giving Apple pause: "[T]he current [bash] version is released under the GNU Public License version 3 (GPLv3). Apple has avoided bundling GPLv3-licensed software because of its stricter license terms....Apple executives may feel they have to have their own developers make modifications to the bash code."" It's also worth noting that there are still flaws with the patches issued so far. Meanwhile, Fedora Magazine has published an easy-to-follow description of how Shellshock actually works. The Free Software Foundation has also issued a statement about Shellshock.

3 of 208 comments (clear)

  1. ~/.cshrc by Bing+Tsher+E · · Score: 4, Funny

    Is there anything I should add to my ~/.cshrc file to protect against this bug?

    1. Re:~/.cshrc by koan · · Score: 2, Funny

      Yeah a better operating system than OSX.

      --
      "If any question why we died, Tell them because our fathers lied."
  2. Re:Ars Technica speculates? by ceoyoyo · · Score: 3, Funny

    The GPL v4:

    You may not modify, distribute, publish, compile, share, view or in any other way make use of this source code without the express written permission of Richard M. Stallman. This is for the protection of your freedoms, comrade!