openSUSE-SU-2019:1178-1

Опубликовано: 08 апр. 2019

Источник: suse-cvrf

Описание

Security update for bash

This update for bash fixes the following issues:

Security issue fixed:

CVE-2019-9924: Fixed a vulnerability in which shell did not prevent user BASH_CMDS allowing the user to execute any command with the permissions of the shell (bsc#1130324).

This update was imported from the SUSE:SLE-12-SP2:Update update project.

Список пакетов

openSUSE Leap 42.3

bash-4.3-83.15.1

bash-devel-4.3-83.15.1

bash-doc-4.3-83.15.1

bash-lang-4.3-83.15.1

bash-loadables-4.3-83.15.1

libreadline6-6.3-83.15.1

libreadline6-32bit-6.3-83.15.1

readline-devel-6.3-83.15.1

readline-devel-32bit-6.3-83.15.1

readline-doc-6.3-83.15.1

Ссылки

https://lists.opensuse.org/opensuse-security-announce/2019-04/msg00049.html
E-Mail link for openSUSE-SU-2019:1178-1
https://www.suse.com/support/security/rating/
SUSE Security Ratings

Описание

rbash in Bash before 4.4-beta2 did not prevent the shell user from modifying BASH_CMDS, thus allowing the user to execute any command with the permissions of the shell.

Затронутые продукты

openSUSE Leap 42.3:bash-4.3-83.15.1

openSUSE Leap 42.3:bash-devel-4.3-83.15.1

openSUSE Leap 42.3:bash-doc-4.3-83.15.1

openSUSE Leap 42.3:bash-lang-4.3-83.15.1

Ссылки

https://www.suse.com/security/cve/CVE-2019-9924.html
CVE-2019-9924
https://bugzilla.suse.com/1130324
SUSE Bug 1130324

openSUSE-SU-2019:1178-1

Описание

Список пакетов

openSUSE Leap 42.3

Ссылки

Уязвимость: CVE-2019-9924

Описание

Затронутые продукты

Ссылки