bash-4.1.2-48.AXS4
エラータID: AXSA:2017-1370:02
The GNU Bourne Again shell (Bash) is a shell or command language
interpreter that is compatible with the Bourne shell (sh). Bash
incorporates useful features from the Korn shell (ksh) and the C shell
(csh). Most sh scripts can be run by bash without modification.
Security issues fixed with this release:
CVE-2016-0634
** RESERVED **
This candidate has been reserved by an organization or individual that
will use it when announcing a new security problem. When the
candidate has been publicized, the details for this candidate will be
provided.
CVE-2016-7543
Bash before 4.4 allows local users to execute arbitrary commands with
root privileges via crafted SHELLOPTS and PS4 environment variables.
CVE-2016-9401
popd in bash might allow local users to bypass the restricted shell
and cause a use-after-free via a crafted address.
Additional Changes:
Update package.
The expansion of '\h' in the prompt string in bash 4.3 allows remote authenticated users to execute arbitrary code via shell metacharacters placed in 'hostname' of a machine.
Bash before 4.4 allows local users to execute arbitrary commands with root privileges via crafted SHELLOPTS and PS4 environment variables.
popd in bash might allow local users to bypass the restricted shell and cause a use-after-free via a crafted address.
N/A
SRPMS
- bash-4.1.2-48.AXS4.src.rpm
MD5: 450c3395452df703a0bb9dd02dfd958b
SHA-256: a74dba047af24fdbe996606bc572e296b7bbd62587559954b5f49df93b285be7
Size: 6.38 MB
Asianux Server 4 for x86
- bash-4.1.2-48.AXS4.i686.rpm
MD5: 0f7c54b9cf1e3b9dacffb6b6b2bb995a
SHA-256: 75b09cfc69d8eafbd608d14043d644b39842728eb5aa7c43bc80fc5575034280
Size: 891.32 kB
Asianux Server 4 for x86_64
- bash-4.1.2-48.AXS4.x86_64.rpm
MD5: c316545b3940684154683fb793be0ec6
SHA-256: 4e3a6934b0040476f1db63417f6d62cc6c0bc409f6655be8586935a14366e06d
Size: 909.36 kB
日本語