TIBCO Mashery API Developer Blog

Advisories CVE-2014-6271 and CVE-2014-7169 for GNU Bash

A security advisory was released on 09/24/2014 related to a vulnerability, now informally being referred to as Shellshock, that exists in GNU Bash.  For more information about this vulnerability, please refer to CVE-2014-6271 and CVE-2014-7169.  An incident response is in effect and immediate actions have been taken by TIBCO Mashery to address this vulnerability.  We will update you with more information as it becomes available.  Please contact support@mashery.com with questions or concerns.

Mashery understands the impact and is working towards building and deploying the patch for Mashery Local 2.2 customers by end of next week. Also Mashery Local is less vulnerable as it sits behind the firewall.