ELSA-2017-0725

Опубликовано: 27 мар. 2017

Источник: oracle-oval

Платформа: Oracle Linux 6

Описание

ELSA-2017-0725: bash security and bug fix update (MODERATE)

[4.1.2-48]

Fix signal handling in read builtin Resolves: #1421926

[4.1.2-47]

CVE-2016-9401 - Fix crash when '-' is passed as second sign to popd Resolves: #1396383

[4.1.2-46]

CVE-2016-7543 - Fix for arbitrary code execution via SHELLOPTS+PS4 variables Resolves: #1379630

[4.1.2-45]

CVE-2016-0634 - Fix for arbitrary code execution via malicious hostname Resolves: #1377613

[4.1.2-44]

Avoid crash in parameter expansion while expanding long strings Resolves: #1359142

[4.1.2-43]

Stop reading input when SIGHUP is received Resolves: #1325753

[4.1.2-42]

Bash leaks memory while doing pattern removal in parameter expansion Resolves: #1283829

Обновленные пакеты

Oracle Linux 6

Oracle Linux x86_64

bash

4.1.2-48.el6

bash-doc

4.1.2-48.el6

Oracle Linux i686

bash

4.1.2-48.el6

bash-doc

4.1.2-48.el6

Oracle Linux sparc64

bash

4.1.2-48.el6

bash-doc

4.1.2-48.el6

Связанные CVE

CVE-2016-7543

CVE-2016-9401

CVE-2016-0634

Ссылки на источники

Связанные уязвимости

ELSA-2017-1931

oracle-oval

больше 8 лет назад

ELSA-2017-1931: bash security and bug fix update (MODERATE)

openSUSE-SU-2018:1419-1

suse-cvrf

больше 7 лет назад

Security update for bash

SUSE-SU-2018:1398-2

suse-cvrf

около 7 лет назад

Security update for bash

SUSE-SU-2018:1398-1

suse-cvrf

больше 7 лет назад

Security update for bash

SUSE-SU-2017:0302-1

suse-cvrf

почти 9 лет назад

Security update for bash