CGI::Application and recent bash security hole

gvim gvimrc at gmail.com
Fri Sep 26 13:06:01 BST 2014


>
> There's a second vulnerability that escapes the first bug patch.
>
>   env X="() { (a)=>\\" bash -c '/dev/stdout date'
>
> If this prints the date, you still have a hole where bash can write content
> to arbitrary files. ( And this trick somehow makes it write the date to
> /dev/stdout.  )
>

Kreist, I'm up **it Creek after all :(

gvim


