Fix released https://usn.ubuntu.com/4058-2/
** Changed in: bash (Ubuntu Trusty)
Status: In Progress => Fix Released
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to the bug report.
https://bugs.launchpad.net/bugs/1803441
Title:
** Also affects: bash (Ubuntu Trusty)
Importance: Undecided
Status: New
** Changed in: bash (Ubuntu Trusty)
Status: New => In Progress
** Changed in: bash (Ubuntu Trusty)
Assignee: (unassigned) => Leonidas S. Barbosa (leosilvab)
--
This bug was fixed in the package bash - 4.3-14ubuntu1.4
---
bash (4.3-14ubuntu1.4) xenial-security; urgency=medium
* SECURITY UPDATE: rbash restriction bypass (LP: #1803441)
- debian/patches/CVE-2019-9924.patch: if the shell is restricted,
reject attempts to add
@Ricardo: Yes, that was my intent with the original report. I didn't
even know about the other issue when I submitted this issue.
--
After looking a bit more into this, it seems the issue in
https://lists.gnu.org/archive/html/bug-bash/2017-12/msg00065.html is
maybe not a real security concern, since rbash was wrongly configured.
Having . in PATH is not good with rbash and that makes the whole thing
flawed. So, we could say
I don't think they are the same issue. Or, at least, the first issue was
only partially fixed. I can see both Fedora 29 and Ubuntu 18.10 being
still affected by the issue outlined in
https://lists.gnu.org/archive/html/bug-bash/2017-12/msg00065.html,
though they are not affected by
I'm sorry Riccardo, I didn't notice the two separate BASH_CMDS issues when
I filed the request. The only mention in the changelog is:
> This document details the changes between this version, bash-4.4-beta2,
> and the previous version, bash-4.4-rc1.
>
> [...]
>
> d. Fixed a bug that allowed
Yes, that's basically the same issue.
It was patched upstream many years ago (2016 I recall) however as of
last fall Ubuntu old-LTS had not backported the fix. I used this bug to
escape from rbash during a security audit of a fully patched Ubuntu
system in October.
--
Is this about https://lists.gnu.org/archive/html/bug-bash/2017-03/msg00077.html ? Or about
https://lists.gnu.org/archive/html/bug-bash/2017-12/msg00065.html ?
Apparently, both are very old flaws.
--
CVE-2019-9924
Thanks
** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2019-9924
--
I have not seen a CVE for the original upstream bug but cannot say with
certainty none was assigned.
The Ubuntu packaging issue definitely does not have one.
--
Hi Andrew, thanks for reporting this. Do you know if a CVE was assigned
for this issue?
--
** Information type changed from Private Security to Public Security
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1803441
Title:
BASH_CMDS is writable in restricted bash shells (fixed upstream,