What is actually CVE-2014-6271?
Actually redhat did a very good job describing it: https://access.redhat.com/articles/1200223 From what I’ve understood, it’s basically a bug that allows you in bash to do some other command after the function declaration in a variable.
Let’s change the example a little bit, so that it’s more easier to read:
env your_function='() { echo "your function do something";}; echo "but I can still add other command after your function"' bash -c "echo this is a test" If you system is affected with the bug, if you run that command, you will see the text “but I can still add other command after your function”.
So I have an ATI HD5xxx graphic card in my desktop personal computer. It’s a nice and quite fast card. It also has three display adapters: HDMI, DVI, DisplayPort. On my desk, there are two monitors. One of them have a DVI and a VGA adapter. The other however, only have VGA adapter. Do you see the problem here?
My graphic card has no VGA adapter, because of this, I need to use some adapter, and because I used an adapter, the resolution of the monitor is not detected properly.
So it was when I was trying to install Skype on my brand new Debian 7 (Wheezy) when I encountered this problem:
package architecture (i386) does not match system (amd64) Actually I was a little shocked. I just downloaded the Skype package for Debian from the official website then tried to install it normally using “dpkg -i ”, and it used to always work (normally). Actually I came from the rpm world (Fedora and CentOS) and have been only using Windows 8 for the past few months for my thesis, so I am actually wondering whether I’m the one who is a little out of date, or this is just a deb thingie, or I’m just too thick and dumb.