stable

bash-4.3.42-6.fc24

FEDORA-2016-a822b472c4 created by dkaspar 6 years ago for Fedora 24

Security fix for CVE-2016-0634.

Logout Required
After installing this update it is required that you logout of your current user session and log back in to ensure the changes supplied by this update are applied properly.

How to install

sudo dnf upgrade --refresh --advisory=FEDORA-2016-a822b472c4

This update has been submitted for testing by dkaspar.

6 years ago
User Icon dhgutteridge commented & provided feedback 6 years ago
karma

No regressions noted.

User Icon fszymanski commented & provided feedback 6 years ago
karma

Works for me.

User Icon dkaspar commented & provided feedback 6 years ago

I'm not able to execute the reproducer with new package in fresh F24 installation ->> the vulnerability seems to be fixed.

BZ#1377614 CVE-2016-0634 bash: Arbitrary code execution via malicious hostname [fedora-all]
BZ#1377613 CVE-2016-0634 bash: Arbitrary code execution via malicious hostname
User Icon yuwata commented & provided feedback 6 years ago
karma

works for me

This update has been pushed to testing.

6 years ago

This update has been submitted for stable by bodhi.

6 years ago

This update has been pushed to stable.

6 years ago

Please login to add feedback.

Metadata
Type
security
Severity
high
Karma
3
Signed
Content Type
RPM
Test Gating
Settings
Unstable by Karma
-3
Stable by Karma
3
Stable by Time
disabled
Dates
submitted
6 years ago
in testing
6 years ago
in stable
6 years ago
BZ#1377613 CVE-2016-0634 bash: Arbitrary code execution via malicious hostname
0
1
BZ#1377614 CVE-2016-0634 bash: Arbitrary code execution via malicious hostname [fedora-all]
0
1

Automated Test Results