Citrix is aware of recent vulnerability reports that impact GNU Bash and is actively investigating the potential impact of these issues on Citrix products. There are a number of CVEs related to this issue, the current set includes:

CVE-2014-6271

CVE-2014-6277

CVE-2014-6278

CVE-2014-7169

CVE-2014-7186

CVE-2014-7187



The following sections provide some initial guidance to customers on the potential impact of this issue. Please note that this issue is under active analysis and, as such, customers should check back frequently to get the current status of our response.