Nom du paquet
bash
Date
2010-01-13
Advisory ID
MDVSA-2010:004
Affected versions
2009.0 x86_64 , MES5 i586 , MNF2.0 i586 , 2010.0 x86_64 , 2010.0 i586 , 2009.1 i586 , 2009.0 i586 , CS4.0 i586 , 2008.0 x86_64 , CS4.0 x86_64 , 2008.0 i586 , 2009.1 x86_64 , MES5 x86_64

Problem description

A vulnerability have been discovered in Mandriva bash package, which
could allow a malicious user to hide files from the ls command,
or garble its output by crafting files or directories which contain
special characters or escape sequences (CVE-2010-0002). This update
fixes the issue by disabling the display of control characters
by default.

Additionally, this update fixes the unsafe file creation in bash-doc
sample scripts (CVE-2008-5374).

Packages for 2008.0 are provided for Corporate Desktop 2008.0
customers.

Updated packages

2009.0 x86_64

 722257da6630ef64d3cc1b5d2937b5d9  2009.0/x86_64/bash-3.2-10.2mdv2009.0.x86_64.rpm
 cf190a45a8464b8d4a889ea1cbdd4f58  2009.0/x86_64/bash-doc-3.2-10.2mdv2009.0.x86_64.rpm 
 50864f104fdbc0304a918c832080532a  2009.0/SRPMS/bash-3.2-10.2mdv2009.0.src.rpm

MES5 i586

 5c62e881405cedd243385a783895bc14  mes5/i586/bash-3.2-10.2mdvmes5.i586.rpm
 84513f4df54a12c861e44d36bb0f700e  mes5/i586/bash-doc-3.2-10.2mdvmes5.i586.rpm 
 902376b0b61041449cf06be37ba40d63  mes5/SRPMS/bash-3.2-10.2mdvmes5.src.rpm

MNF2.0 i586

 5af56b5d52e8ba4ef591403098294ff1  mnf/2.0/i586/bash-2.05b-16.1.C30mdk.i586.rpm
 5ac71243bc151d3b0123f21d62f89449  mnf/2.0/i586/bash-doc-2.05b-16.1.C30mdk.i586.rpm 
 562bebc49856992e16d6add6c31bc4d8  mnf/2.0/SRPMS/bash-2.05b-16.1.C30mdk.src.rpm

2010.0 x86_64

 fc60a281e86eca4b3a127f195ed7f4e4  2010.0/x86_64/bash-4.0-7.1mdv2010.0.x86_64.rpm
 2e5d9c83494a78bbd08c37fb654f877e  2010.0/x86_64/bash-doc-4.0-7.1mdv2010.0.x86_64.rpm 
 3040686a1ac714a39e387d309a7dbcf8  2010.0/SRPMS/bash-4.0-7.1mdv2010.0.src.rpm

2010.0 i586

 d64d774979139e95507fac57f5fee411  2010.0/i586/bash-4.0-7.1mdv2010.0.i586.rpm
 da8fe2f7aebc606b995ca95b61296955  2010.0/i586/bash-doc-4.0-7.1mdv2010.0.i586.rpm 
 3040686a1ac714a39e387d309a7dbcf8  2010.0/SRPMS/bash-4.0-7.1mdv2010.0.src.rpm

2009.1 i586

 6c3fbcb61646e15d2080c3b0c25d9554  2009.1/i586/bash-3.2.48-3.1mdv2009.1.i586.rpm
 0dea3f4c28cf56e5b89c148de06ea9a2  2009.1/i586/bash-doc-3.2.48-3.1mdv2009.1.i586.rpm 
 28f87d961cd64e32788fb6456c1825d4  2009.1/SRPMS/bash-3.2.48-3.1mdv2009.1.src.rpm

2009.0 i586

 d27affe22ad63522d2b7542f94f986bb  2009.0/i586/bash-3.2-10.2mdv2009.0.i586.rpm
 e1da0b1b4c43833fa4912b839a355d84  2009.0/i586/bash-doc-3.2-10.2mdv2009.0.i586.rpm 
 50864f104fdbc0304a918c832080532a  2009.0/SRPMS/bash-3.2-10.2mdv2009.0.src.rpm

CS4.0 i586

 10520a3ac742b3ea75f8f266a67109fc  corporate/4.0/i586/bash-3.0-6.1.20060mlcs4.i586.rpm
 e67c99653e24cca3dfc14a5db52f28ea  corporate/4.0/i586/bash-doc-3.0-6.1.20060mlcs4.i586.rpm 
 836d9e055da30f19c3a940b4c2c6b7bf  corporate/4.0/SRPMS/bash-3.0-6.1.20060mlcs4.src.rpm

2008.0 x86_64

 6bfad3cb4f655787250007cd74bdfd16  2008.0/x86_64/bash-3.2-5.1mdv2008.0.x86_64.rpm
 48288451f5a9112dfd35c38e91dcb774  2008.0/x86_64/bash-doc-3.2-5.1mdv2008.0.x86_64.rpm 
 85a72f0f23e359a0e05604f774c287b4  2008.0/SRPMS/bash-3.2-5.1mdv2008.0.src.rpm

CS4.0 x86_64

 f0bdaa60c3201841e2e3372e62ece170  corporate/4.0/x86_64/bash-3.0-6.1.20060mlcs4.x86_64.rpm
 3def0fcac2c23da7a5e1312c73e35de2  corporate/4.0/x86_64/bash-doc-3.0-6.1.20060mlcs4.x86_64.rpm 
 836d9e055da30f19c3a940b4c2c6b7bf  corporate/4.0/SRPMS/bash-3.0-6.1.20060mlcs4.src.rpm

2008.0 i586

 f2e4b9971f76eb8c6a32f980f8891b64  2008.0/i586/bash-3.2-5.1mdv2008.0.i586.rpm
 613aa4f62598754748fc09da5c695b13  2008.0/i586/bash-doc-3.2-5.1mdv2008.0.i586.rpm 
 85a72f0f23e359a0e05604f774c287b4  2008.0/SRPMS/bash-3.2-5.1mdv2008.0.src.rpm

2009.1 x86_64

 95defbb4b2f16d98555416db6ce07d11  2009.1/x86_64/bash-3.2.48-3.1mdv2009.1.x86_64.rpm
 8753cfb24ec034cf7210093accfd24ba  2009.1/x86_64/bash-doc-3.2.48-3.1mdv2009.1.x86_64.rpm 
 28f87d961cd64e32788fb6456c1825d4  2009.1/SRPMS/bash-3.2.48-3.1mdv2009.1.src.rpm

MES5 x86_64

 dab84af7d1b08e98ffaf5a0a08f4c97f  mes5/x86_64/bash-3.2-10.2mdvmes5.x86_64.rpm
 bee4dcbfa1d5e22b8d94d69bca227153  mes5/x86_64/bash-doc-3.2-10.2mdvmes5.x86_64.rpm 
 902376b0b61041449cf06be37ba40d63  mes5/SRPMS/bash-3.2-10.2mdvmes5.src.rpm

References