Advisories ยป MGASA-2017-0005

Updated bash packages fix security vulnerability

Publication date: 06 Jan 2017
Modification date: 06 Jan 2017
Type: security
Affected Mageia releases : 5
CVE: CVE-2016-9401

Description

In Bash, the popd command can be tricked to free a user supplied
address, which could be used to bypass restricted shells (rsh) on some
environments to cause use-after-free (CVE-2016-9401).
                

References

SRPMS

5/core