OVMSA-2017-0050 - bash security update
| Type: | SECURITY |
| Severity: | MODERATE |
| Release Date: | 2017-03-29 |
Description
[4.1.2-48]
- Fix signal handling in read builtin
Resolves: #1421926
[4.1.2-47]
- CVE-2016-9401 - Fix crash when '-' is passed as second sign to popd
Resolves: #1396383
[4.1.2-46]
- CVE-2016-7543 - Fix for arbitrary code execution via SHELLOPTS+PS4 variables
Resolves: #1379630
[4.1.2-45]
- CVE-2016-0634 - Fix for arbitrary code execution via malicious hostname
Resolves: #1377613
[4.1.2-44]
- Avoid crash in parameter expansion while expanding long strings
Resolves: #1359142
[4.1.2-43]
- Stop reading input when SIGHUP is received
Resolves: #1325753
[4.1.2-42]
- Bash leaks memory while doing pattern removal in parameter expansion
Resolves: #1283829
[4.1.2-41]
- Fix a race condition in saving bash history on shutdown
Resolves: #1325753
[4.1.2-40]
- Bash shouldn't ignore bash --debugger without a dbger installed
Related: #1260568
[4.1.2-39]
- Wrong parsing inside for loop and brackets
Resolves: #1207803
[4.1.2-38]
- IFS incorrectly splitting herestrings
Resolves: #1250070
[4.1.2-37]
- Case in a for loop in a subshell causes a syntax error
Resolves: #1240994
[4.1.2-36]
- Bash shouldn't ignore bash --debugger without a dbger installed
Resolves: #1260568
[4.1.2-35]
- Bash leaks memory when repeatedly doing a pattern-subst
Resolves: #1207042
[4.1.2-34]
- Bash hangs when a signal is received
Resolves: #868846
[4.1.2-33]
- Allow importing exported functions with hyphens
Resolves: #1155455
[4.1.2-32]
- Allow importing exported functions with hyphens
Resolves: #1148507
[4.1.2-31]
- Better doc. for ulimit -c and -f options
Resolves: #1119587
[4.1.2-30]
- Fix a segfault from shellshock check-scripts
Resolves: #1150544
[4.1.2-29]
- CVE-2014-7169
Resolves: #1146323
[4.1.2-28]
- Fix-up the patch
Related: #1141646
[4.1.2-27]
- Check for fishy environment
Related: #1141646
[4.1.2-26]
- Final fix for bash vi mode
Related: #1102803
[4.1.2-25]
- Fix double echoes differently
Related: #1102803
[4.1.2-24]
- Fix memory leaks and keep coverity happy
Related: #1010164
[4.1.2-23]
- Fix double echoes
Resolves: #1102803
[4.1.2-22]
- Fix some heavy memory leaks
Resolves: #1010164
[4.1.2-21]
- Document changes to the extglob behaviour in the man page
Resolves: #1011064
[4.1.2-20]
- Fix reading of empty history
Resolves: #986095
[4.1.2-19]
- Fix file descriptor leaks
Resolves: #948207
[4.1.2-18]
- Fix certain brace expansion cases
Resolves: #1012015
[4.1.2-17]
- Fix double free after receiving SIGCHLD
Resolves: #951171
[4.1.2-16]
- Output multiline here-strings correctly.
Resolves: #1007926
Related CVEs
Updated Packages
| Release/Architecture | Filename | MD5sum | Superseded By Advisory |
|
| Oracle VM 3.3 (x86_64) | bash-4.1.2-48.el6.src.rpm | 479277caf7ab651eeef6b113c4b321d8 | - |
| bash-4.1.2-48.el6.x86_64.rpm | 7afa451f75e27f9c858aaf4054450e54 | - |
|
| Oracle VM 3.4 (x86_64) | bash-4.1.2-48.el6.src.rpm | 479277caf7ab651eeef6b113c4b321d8 | - |
| bash-4.1.2-48.el6.x86_64.rpm | 7afa451f75e27f9c858aaf4054450e54 | - |
This page is generated automatically and has not been checked for errors or omissions. For clarification
or corrections please contact the Oracle Linux ULN team
