ELSA-2017-1931 - bash security and bug fix update
| Type: | SECURITY |
| Severity: | MODERATE |
| Release Date: | 2017-08-07 |
Description
[4.2.46-28]
- CVE-2016-9401 - Fix crash when '-' is passed as second sign to popd
Resolves: #1429838
[4.2.46-27]
- CVE-2016-7543: Fix for arbitrary code execution via SHELLOPTS+PS4 variables
Resolves: #1426026
[4.2.46-26]
- CVE-2016-0634: Fix for arbitrary code execution via malicious hostname
Resolves: #1379237
[4.2.46-25]
- Plug a leak related to compound assignments
Resolves: #1264101
[4.2.46-24]
- Recognize cd -e
Resolves: #1267478
[4.2.46-23]
- Add a condition before setting pipeline_pgrp to shell_pgrp
Resolves: #1377496
[4.2.46-22]
- Avoid crash in parameter expansion while expanding long strings
Resolves: #1403255
Related CVEs
Updated Packages
| Release/Architecture | Filename | MD5sum | Superseded By Advisory |
|
| Oracle Linux 7 (aarch64) | bash-4.2.46-28.el7.src.rpm | f9eff2dfc5b67f3ea5a668f34f796756 | ELSA-2020-1113 |
| bash-4.2.46-28.el7.aarch64.rpm | 61899f4a8bd64699d53a6fc3b0e75d52 | ELSA-2020-1113 |
| bash-doc-4.2.46-28.el7.aarch64.rpm | a3d4e0bc56963ad5c552b6bdb0dee15d | ELSA-2020-1113 |
|
| Oracle Linux 7 (x86_64) | bash-4.2.46-28.el7.src.rpm | f9eff2dfc5b67f3ea5a668f34f796756 | ELSA-2020-1113 |
| bash-4.2.46-28.el7.x86_64.rpm | 3d949592a52bab33448196db6374def7 | ELSA-2020-1113 |
| bash-doc-4.2.46-28.el7.x86_64.rpm | eaeb111da41b452323a949bcbb50c0ef | ELSA-2020-1113 |
This page is generated automatically and has not been checked for errors or omissions. For clarification
or corrections please contact the Oracle Linux ULN team
