SUSE-SU-2019:0838-1

UNKNOWN

Security update for bash

Published Apr 2, 2019

Modified 6 years ago

Fix available

Details

This update for bash fixes the following issues:

Security issue fixed:

CVE-2019-9924: Fixed a vulnerability in which shell did not prevent user BASH_CMDS allowing the user to execute any command with the permissions of the shell (bsc#1130324).

Affected Packages

bash

SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4SUSE Linux Enterprise Server 12 SP3SUSE Linux Enterprise Server 12 SP4SUSE Linux Enterprise Server for SAP Applications 12 SP3

Fixed in:

4.3-83.23.1

bash-doc

SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4SUSE Linux Enterprise Server 12 SP3SUSE Linux Enterprise Server 12 SP4SUSE Linux Enterprise Server for SAP Applications 12 SP3

Fixed in:

4.3-83.23.1

bash-lang

SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4SUSE Linux Enterprise Workstation Extension 12 SP3SUSE Linux Enterprise Workstation Extension 12 SP4

Fixed in:

4.3-83.23.1

libreadline6

SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4SUSE Linux Enterprise Server 12 SP3SUSE Linux Enterprise Server 12 SP4SUSE Linux Enterprise Server for SAP Applications 12 SP3

Fixed in:

6.3-83.23.1

libreadline6-32bit

SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4SUSE Linux Enterprise Server 12 SP3SUSE Linux Enterprise Server 12 SP4SUSE Linux Enterprise Server for SAP Applications 12 SP3

Fixed in:

6.3-83.23.1

readline-doc

SUSE Linux Enterprise Desktop 12 SP3SUSE Linux Enterprise Desktop 12 SP4SUSE Linux Enterprise Server 12 SP3SUSE Linux Enterprise Server 12 SP4SUSE Linux Enterprise Server for SAP Applications 12 SP3

Fixed in:

6.3-83.23.1

bash-devel

SUSE Linux Enterprise Software Development Kit 12 SP3SUSE Linux Enterprise Software Development Kit 12 SP4

Fixed in:

4.3-83.23.1

readline-devel

SUSE Linux Enterprise Software Development Kit 12 SP3SUSE Linux Enterprise Software Development Kit 12 SP4

Fixed in:

6.3-83.23.1

References

REPORT