Advisories » MGASA-2019-0163

Updated bash packages fix security vulnerability

Publication date: 12 May 2019
Modification date: 12 May 2019
Type: security
Affected Mageia releases : 6
CVE: CVE-2019-9924

Description

Updated bash package fixes security vulnerability:

A vulnerability in which shell did not prevent user BASH_CMDS, allowing
the user to execute any command with the permissions of the shell
(CVE-2019-9924).
                

References

• https://bugs.mageia.org/show_bug.cgi?id=24751
• https://lists.opensuse.org/opensuse-updates/2019-04/msg00093.html
• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9924

SRPMS

6/core

• bash-4.3-48.4.mga6