diff options
author | mboelen <michael@cisofy.com> | 2014-10-27 01:33:26 +0300 |
---|---|---|
committer | mboelen <michael@cisofy.com> | 2014-10-27 01:33:26 +0300 |
commit | 46de3f8d99cc09ed752286fd6f326d8f38b3b7f6 (patch) | |
tree | d1aac9aef52a067df186bc61da1f3d53f161cdca /include/tests_shells | |
parent | 410861f4dffb33e0afa6d52f7847c31e8954b3ea (diff) |
Hide RPM related database errors, show suggestion instead
Diffstat (limited to 'include/tests_shells')
-rw-r--r-- | include/tests_shells | 5 |
1 files changed, 3 insertions, 2 deletions
diff --git a/include/tests_shells b/include/tests_shells index e9a74ddc..5d0fa442 100644 --- a/include/tests_shells +++ b/include/tests_shells @@ -251,9 +251,10 @@ rm -f ${SHELLSHOCK_TMP} if [ ! "${VULNERABLE}" = "" ]; then logtext "Output: ${VULNERABLE}" - logtext "Result: Vulnerable to original shellshock (CVE-2014-6277)" + logtext "Result: Vulnerable to original shellshock (CVE-2014-6277). This may not be a security risk, as distributions patched it. Still it shows your bash is vulnerable for crashing." Display --indent 2 --text "- Shellshock: CVE-2014-6277 (segfault, lcamtuf bug #1)" --result "WARNING" --color RED - FOUND=1 + # Do not trigger the warning for this particular test. Most distributions did actually patch it to reduce the security risks, while allowing it still to segfault. + #FOUND=1 else logtext "Result: Not vulnerable to original shellshock (CVE-2014-6277)" #Display --indent 4 --text "- CVE-2014-6277 (segfault, lcamtuf bug #1)" --result "OK" --color GREEN |