openSUSE Security Update: bash: security and bugfix update
______________________________________________________________________________
Announcement ID:    openSUSE-SU-2014:1226-1
Rating:             critical
References:         #868822 #895475 #896776 
Cross-References:   CVE-2014-2524 CVE-2014-6271
Affected Products:
                    openSUSE 13.1
                    openSUSE 12.3
______________________________________________________________________________
   An update that solves two vulnerabilities and has one
   errata is now available.
Description:
   bash was updated to fix a critical security issue, a minor security issue
   and bugs:
   In some circumstances, bash would execute shell commands that followed a
   function definition in environment variables passed at startup time. This
   allowed code execution by local or remote attackers who could pass
   environment variables to bash scripts, for example via a web server that
   hands request headers to CGI scripts. (CVE-2014-6271)
   Fixed a temporary file misuse in _rl_tropen (bnc#868822): even though the
   readline tracing facility is only used by developers to debug the library,
   it must not open temporary files in a world-writable location without
   O_EXCL. (CVE-2014-2524)
   Additional bugfixes:
   – Backported the corrected German error message for a failing getpwd
     (bnc#895475)
   – Add bash upstream patch 47 to fix a problem where the function that
     shortens pathnames for $PS1 according to the value of $PROMPT_DIRTRIM
     uses memcpy on potentially overlapping regions of memory, when it
     should use memmove. The result is garbled pathnames in prompt strings.
   – Add bash upstream patch 46 to fix a problem introduced by patch 32:
     "$@" and arrays expanding empty positional parameters or array elements
     when using substring expansion, pattern substitution, or case
     modification. The empty parameters or array elements are removed
     instead of expanding to empty strings ("").
   – Add bash-4.2-strcpy.patch from the upstream mailing list to the patch
     collection tar ball to avoid a strcpy on overlapping memory areas when
     \w is used in the prompt and the directory is changed to one outside
     of HOME.
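   The following is an added example and is not part of the advisory nor
   code from the bash or openSUSE projects. It is a POSIX sh function that
   probes a bash binary for the CVE-2014-6271 behaviour described above: an
   affected bash, while importing a function definition from an environment
   variable at startup, also runs the commands that follow the function's
   closing brace, whereas a fixed bash imports only the function body. The
   variable name x, the VULNERABLE marker and the optional path argument are
   arbitrary choices made for this check.

```shell
#!/bin/sh
# Added example (not from the openSUSE advisory): probe a bash binary for
# the CVE-2014-6271 environment-variable function import issue.
# Usage: sh shellshock-check.sh [/path/to/bash]   (defaults to bash on PATH)

check_shellshock() {
    bash_bin="${1:-bash}"
    if ! command -v "$bash_bin" >/dev/null 2>&1; then
        echo "missing"
        return 2
    fi
    # The variable holds a function definition followed by a command. The
    # child only runs ':' so the marker can appear on stdout only if bash
    # executed the trailing command while importing the function at startup.
    out=$(env x='() { :;}; echo VULNERABLE' "$bash_bin" -c ':' 2>/dev/null)
    case "$out" in
        *VULNERABLE*) echo "vulnerable"; return 1 ;;
        *)            echo "patched";    return 0 ;;
    esac
}

# Run the probe against the bash named on the command line, or the one on
# PATH, and print one of: patched, vulnerable, missing.
check_shellshock "${1:-bash}" || :
```

   Before the update a bash 4.2 build from these products prints
   "vulnerable"; after installing the packages listed below it prints
   "patched". Run it against every bash binary on the host (for example a
   chrooted copy), since the check only covers the binary it is given.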
Patch Instructions:
   To install this openSUSE Security Update use YaST online_update.
   Alternatively you can run the command listed for your product:
– openSUSE 13.1:
zypper in -t patch openSUSE-2014-559
– openSUSE 12.3:
zypper in -t patch openSUSE-2014-559
To bring your system up-to-date, use “zypper patch”.
Package List:
– openSUSE 13.1 (i586 x86_64):
      bash-4.2-68.4.1
      bash-debuginfo-4.2-68.4.1
      bash-debugsource-4.2-68.4.1
      bash-devel-4.2-68.4.1
      bash-loadables-4.2-68.4.1
      bash-loadables-debuginfo-4.2-68.4.1
      libreadline6-6.2-68.4.1
      libreadline6-debuginfo-6.2-68.4.1
      readline-devel-6.2-68.4.1
– openSUSE 13.1 (x86_64):
      bash-debuginfo-32bit-4.2-68.4.1
      libreadline6-32bit-6.2-68.4.1
      libreadline6-debuginfo-32bit-6.2-68.4.1
      readline-devel-32bit-6.2-68.4.1
– openSUSE 13.1 (noarch):
      bash-doc-4.2-68.4.1
      bash-lang-4.2-68.4.1
      readline-doc-6.2-68.4.1
– openSUSE 12.3 (i586 x86_64):
      bash-4.2-61.9.1
      bash-debuginfo-4.2-61.9.1
      bash-debugsource-4.2-61.9.1
      bash-devel-4.2-61.9.1
      bash-loadables-4.2-61.9.1
      bash-loadables-debuginfo-4.2-61.9.1
      libreadline6-6.2-61.9.1
      libreadline6-debuginfo-6.2-61.9.1
      readline-devel-6.2-61.9.1
– openSUSE 12.3 (x86_64):
      bash-debuginfo-32bit-4.2-61.9.1
      libreadline6-32bit-6.2-61.9.1
      libreadline6-debuginfo-32bit-6.2-61.9.1
      readline-devel-32bit-6.2-61.9.1
– openSUSE 12.3 (noarch):
      bash-doc-4.2-61.9.1
      bash-lang-4.2-61.9.1
      readline-doc-6.2-61.9.1
References:
   http://support.novell.com/security/cve/CVE-2014-2524.html
   http://support.novell.com/security/cve/CVE-2014-6271.html
   https://bugzilla.suse.com/show_bug.cgi?id=868822
   https://bugzilla.suse.com/show_bug.cgi?id=895475
   https://bugzilla.suse.com/show_bug.cgi?id=896776
-- 
To unsubscribe, e-mail: opensuse-security-announce+unsubscribe@opensuse.org
For additional commands, e-mail: opensuse-security-announce+help@opensuse.org