MDVSA-2010:004
- Nom du paquet
- bash
- Date
- 2010-01-13
- Advisory ID
- MDVSA-2010:004
- Affected versions
- 2009.0 x86_64 , MES5 i586 , MNF2.0 i586 , 2010.0 x86_64 , 2010.0 i586 , 2009.1 i586 , 2009.0 i586 , CS4.0 i586 , 2008.0 x86_64 , CS4.0 x86_64 , 2008.0 i586 , 2009.1 x86_64 , MES5 x86_64
Problem description
A vulnerability have been discovered in Mandriva bash package, which
could allow a malicious user to hide files from the ls command,
or garble its output by crafting files or directories which contain
special characters or escape sequences (CVE-2010-0002). This update
fixes the issue by disabling the display of control characters
by default.
Additionally, this update fixes the unsafe file creation in bash-doc
sample scripts (CVE-2008-5374).
Packages for 2008.0 are provided for Corporate Desktop 2008.0
customers.
Updated packages
2009.0 x86_64
722257da6630ef64d3cc1b5d2937b5d9 2009.0/x86_64/bash-3.2-10.2mdv2009.0.x86_64.rpm cf190a45a8464b8d4a889ea1cbdd4f58 2009.0/x86_64/bash-doc-3.2-10.2mdv2009.0.x86_64.rpm 50864f104fdbc0304a918c832080532a 2009.0/SRPMS/bash-3.2-10.2mdv2009.0.src.rpm
MES5 i586
5c62e881405cedd243385a783895bc14 mes5/i586/bash-3.2-10.2mdvmes5.i586.rpm 84513f4df54a12c861e44d36bb0f700e mes5/i586/bash-doc-3.2-10.2mdvmes5.i586.rpm 902376b0b61041449cf06be37ba40d63 mes5/SRPMS/bash-3.2-10.2mdvmes5.src.rpm
MNF2.0 i586
5af56b5d52e8ba4ef591403098294ff1 mnf/2.0/i586/bash-2.05b-16.1.C30mdk.i586.rpm 5ac71243bc151d3b0123f21d62f89449 mnf/2.0/i586/bash-doc-2.05b-16.1.C30mdk.i586.rpm 562bebc49856992e16d6add6c31bc4d8 mnf/2.0/SRPMS/bash-2.05b-16.1.C30mdk.src.rpm
2010.0 x86_64
fc60a281e86eca4b3a127f195ed7f4e4 2010.0/x86_64/bash-4.0-7.1mdv2010.0.x86_64.rpm 2e5d9c83494a78bbd08c37fb654f877e 2010.0/x86_64/bash-doc-4.0-7.1mdv2010.0.x86_64.rpm 3040686a1ac714a39e387d309a7dbcf8 2010.0/SRPMS/bash-4.0-7.1mdv2010.0.src.rpm
2010.0 i586
d64d774979139e95507fac57f5fee411 2010.0/i586/bash-4.0-7.1mdv2010.0.i586.rpm da8fe2f7aebc606b995ca95b61296955 2010.0/i586/bash-doc-4.0-7.1mdv2010.0.i586.rpm 3040686a1ac714a39e387d309a7dbcf8 2010.0/SRPMS/bash-4.0-7.1mdv2010.0.src.rpm
2009.1 i586
6c3fbcb61646e15d2080c3b0c25d9554 2009.1/i586/bash-3.2.48-3.1mdv2009.1.i586.rpm 0dea3f4c28cf56e5b89c148de06ea9a2 2009.1/i586/bash-doc-3.2.48-3.1mdv2009.1.i586.rpm 28f87d961cd64e32788fb6456c1825d4 2009.1/SRPMS/bash-3.2.48-3.1mdv2009.1.src.rpm
2009.0 i586
d27affe22ad63522d2b7542f94f986bb 2009.0/i586/bash-3.2-10.2mdv2009.0.i586.rpm e1da0b1b4c43833fa4912b839a355d84 2009.0/i586/bash-doc-3.2-10.2mdv2009.0.i586.rpm 50864f104fdbc0304a918c832080532a 2009.0/SRPMS/bash-3.2-10.2mdv2009.0.src.rpm
CS4.0 i586
10520a3ac742b3ea75f8f266a67109fc corporate/4.0/i586/bash-3.0-6.1.20060mlcs4.i586.rpm e67c99653e24cca3dfc14a5db52f28ea corporate/4.0/i586/bash-doc-3.0-6.1.20060mlcs4.i586.rpm 836d9e055da30f19c3a940b4c2c6b7bf corporate/4.0/SRPMS/bash-3.0-6.1.20060mlcs4.src.rpm
2008.0 x86_64
6bfad3cb4f655787250007cd74bdfd16 2008.0/x86_64/bash-3.2-5.1mdv2008.0.x86_64.rpm 48288451f5a9112dfd35c38e91dcb774 2008.0/x86_64/bash-doc-3.2-5.1mdv2008.0.x86_64.rpm 85a72f0f23e359a0e05604f774c287b4 2008.0/SRPMS/bash-3.2-5.1mdv2008.0.src.rpm
CS4.0 x86_64
f0bdaa60c3201841e2e3372e62ece170 corporate/4.0/x86_64/bash-3.0-6.1.20060mlcs4.x86_64.rpm 3def0fcac2c23da7a5e1312c73e35de2 corporate/4.0/x86_64/bash-doc-3.0-6.1.20060mlcs4.x86_64.rpm 836d9e055da30f19c3a940b4c2c6b7bf corporate/4.0/SRPMS/bash-3.0-6.1.20060mlcs4.src.rpm
2008.0 i586
f2e4b9971f76eb8c6a32f980f8891b64 2008.0/i586/bash-3.2-5.1mdv2008.0.i586.rpm 613aa4f62598754748fc09da5c695b13 2008.0/i586/bash-doc-3.2-5.1mdv2008.0.i586.rpm 85a72f0f23e359a0e05604f774c287b4 2008.0/SRPMS/bash-3.2-5.1mdv2008.0.src.rpm
2009.1 x86_64
95defbb4b2f16d98555416db6ce07d11 2009.1/x86_64/bash-3.2.48-3.1mdv2009.1.x86_64.rpm 8753cfb24ec034cf7210093accfd24ba 2009.1/x86_64/bash-doc-3.2.48-3.1mdv2009.1.x86_64.rpm 28f87d961cd64e32788fb6456c1825d4 2009.1/SRPMS/bash-3.2.48-3.1mdv2009.1.src.rpm
MES5 x86_64
dab84af7d1b08e98ffaf5a0a08f4c97f mes5/x86_64/bash-3.2-10.2mdvmes5.x86_64.rpm bee4dcbfa1d5e22b8d94d69bca227153 mes5/x86_64/bash-doc-3.2-10.2mdvmes5.x86_64.rpm 902376b0b61041449cf06be37ba40d63 mes5/SRPMS/bash-3.2-10.2mdvmes5.src.rpm