Bugtraq mailing list archives

Immunix OS Security update for bash 1.x

From: Greg KH <greg () WIREX COM>
Date: Thu, 30 Nov 2000 11:42:40 -0800

-----------------------------------------------------------------------
        Immunix OS Security Advisory

Packages updated:       bash1
Effected products:      Immunix OS 6.2
Bugs Fixed:             immunix/1296
Date:                   November 30, 2000
Advisory ID:            IMNX-2000-62-043-01
Author:                 Greg Kroah-Hartman <greg () wirex com>
-----------------------------------------------------------------------

Description:
  The << operator in bash 1.x used predictable filenames, which could
  lead to a potential denial of service attack.  This is the same
  vulnerability that tsch had.  It does not exist in bash2 

Package names and locations:
  Precompiled binary packages for Immunix 6.2 are available at:
    http://www.immunix.org/ImmunixOS/6.2/updates/RPMS/bash-1.14.7-23.6x_StackGuard.i386.rpm

  Source packages for Immunix 6.2 are available at:
    http://www.immunix.org/ImmunixOS/6.2/updates/SRPMS/bash-1.14.7-23.6x_StackGuard.src.rpm

md5sums of the packages:
  7811263e6a87a4334148ded8aa007007  bash-1.14.7-23.6x_StackGuard.i386.rpm
  001a53eb0da5feb3b26d959586b3486a  bash-1.14.7-23.6x_StackGuard.src.rpm

Online location of all updates for Immunix 6.2:
   http://www.immunix.org/ImmunixOS/6.2/updates/

Attachment: _bin
Description:

Current thread:

Immunix OS Security update for bash 1.x Greg KH (Dec 01)