[El-errata] ELSA-2017-0725 Moderate: Oracle Linux 6 bash security and bug fix update
Errata Announcements for Oracle Linux
el-errata at oss.oracle.com
Tue Mar 28 10:03:49 PDT 2017
Oracle Linux Security Advisory ELSA-2017-0725
http://linux.oracle.com/errata/ELSA-2017-0725.html
The following updated rpms for Oracle Linux 6 have been uploaded to the
Unbreakable Linux Network:
i386:
bash-4.1.2-48.el6.i686.rpm
bash-doc-4.1.2-48.el6.i686.rpm
x86_64:
bash-4.1.2-48.el6.x86_64.rpm
bash-doc-4.1.2-48.el6.x86_64.rpm
SRPMS:
http://oss.oracle.com/ol6/SRPMS-updates/bash-4.1.2-48.el6.src.rpm
Description of changes:
[4.1.2-48]
- Fix signal handling in read builtin
Resolves: #1421926
[4.1.2-47]
- CVE-2016-9401 - Fix crash when '-' is passed as second sign to popd
Resolves: #1396383
[4.1.2-46]
- CVE-2016-7543 - Fix for arbitrary code execution via SHELLOPTS+PS4
variables
Resolves: #1379630
[4.1.2-45]
- CVE-2016-0634 - Fix for arbitrary code execution via malicious hostname
Resolves: #1377613
[4.1.2-44]
- Avoid crash in parameter expansion while expanding long strings
Resolves: #1359142
[4.1.2-43]
- Stop reading input when SIGHUP is received
Resolves: #1325753
[4.1.2-42]
- Bash leaks memory while doing pattern removal in parameter expansion
Resolves: #1283829
More information about the El-errata
mailing list