bash (4.2-2ubuntu2.9) precise-security; urgency=medium
* SECURITY UPDATE: Heap-based buffer overflow
- debian/patches/CVE-2012-6711.patch: making u32cconv() return
the number of bytes instead a negative value in
lib/sh/unicode.c
- CVE-2012-6711
bash (4.2-2ubuntu2.8) precise-security; urgency=medium
* SECURITY UPDATE: rbash restriction bypass (LP: #1803441)
- debian/patches/CVE-2019-9924.patch: if the shell is restricted,
reject attempts to add pathnames containing slashes to the hash table
in variables.c.
- CVE-2019-9924
bash (4.2-2ubuntu2.7) precise-security; urgency=medium
* SECURITY UPDATE: code execution via crafted SHELLOPTS and PS4
(LP: #1689304)
- debian/patches/CVE-2016-7543.patch: check for root in variables.c.
- CVE-2016-7543
Date: 2019-11-08 13:55:21.947800+00:00
Changed-By: leo.barb...@canonical.com (Leonidas S. Barbosa)
Signed-By: Ubuntu Archive Robot <ubuntu-archive-ro...@lists.canonical.com>
https://launchpad.net/ubuntu/+source/bash/4.2-2ubuntu2.9
Sorry, changesfile not available.
--
Precise-changes mailing list
Precise-changes@lists.ubuntu.com
Modify settings or unsubscribe at:
https://lists.ubuntu.com/mailman/listinfo/precise-changes