Hi guys,
looks like /tinycorelinux/5.x/x86/tcz/bash.tcz package is vulnerable to all the main shellshock vulnerabilities.
I've created a new package and I'll be more than happy to contribute. The new "bash.tcz" fixes CVE-2014-6271, CVE-2014-7169, CVE-2014-7186, CVE-2014-6277 and CVE-2014-6278.
Also, I'd like to contribute with "bash_vuln_fix_tester.sh" script to check the bash.tcz package against known exploits.
Let me know what is the correct path to submit a contribution and I'll share.
Thanks in advance,
Vincenzo.