Apple Yet To Push Patch For "Shellshock" Bug

Posted by timothy on Saturday September 27, 2014 @12:25AM from the everyone-has-their-reasons dept.

An anonymous reader writes "Open source operating systems vulnerable to the Shellshock bug have already pushed two patches to fix the vulnerability, but Apple has yet to issue one for Mac OS X. Ars Technica speculates that licensing issues may be giving Apple pause: "[T]he current [bash] version is released under the GNU Public License version 3 (GPLv3). Apple has avoided bundling GPLv3-licensed software because of its stricter license terms....Apple executives may feel they have to have their own developers make modifications to the bash code."" It's also worth noting that there are still flaws with the patches issued so far. Meanwhile, Fedora Magazine has published an easy-to-follow description of how Shellshock actually works. The Free Software Foundation has also issued a statement about Shellshock.

1 of 208 comments (clear)

Min score:

Reason:

Sort:

Re:Issue with FSF statement... by Richard_at_work · 2014-09-27 00:41 · Score: 1, Offtopic

I'd be interested to hear why the down modder thinks my points above are trolling. Can you actually defend the FSF statement as written? Is it not a poor and flawed blanket statement? What are your arguments in support of it? Or did I just hit a nerve?