[ubuntu/precise-security] bash 4.2-2ubuntu2.9 (Accepted)
Steve Langasek
steve.langasek at canonical.com
Mon May 3 12:46:20 UTC 2021
bash (4.2-2ubuntu2.9) precise-security; urgency=medium
* SECURITY UPDATE: Heap-based buffer overflow
- debian/patches/CVE-2012-6711.patch: making u32cconv() return
the number of bytes instead a negative value in
lib/sh/unicode.c
- CVE-2012-6711
bash (4.2-2ubuntu2.8) precise-security; urgency=medium
* SECURITY UPDATE: rbash restriction bypass (LP: #1803441)
- debian/patches/CVE-2019-9924.patch: if the shell is restricted,
reject attempts to add pathnames containing slashes to the hash table
in variables.c.
- CVE-2019-9924
bash (4.2-2ubuntu2.7) precise-security; urgency=medium
* SECURITY UPDATE: code execution via crafted SHELLOPTS and PS4
(LP: #1689304)
- debian/patches/CVE-2016-7543.patch: check for root in variables.c.
- CVE-2016-7543
Date: 2019-11-08 13:55:21.947800+00:00
Changed-By: leo.barbosa at canonical.com (Leonidas S. Barbosa)
Signed-By: Steve Langasek <steve.langasek at canonical.com>
https://launchpad.net/ubuntu/+source/bash/4.2-2ubuntu2.9
-------------- next part --------------
Sorry, changesfile not available.
More information about the Precise-changes
mailing list