Publishing details

Published on 2016-12-16
Copied from ubuntu trusty in PPA for Ubuntu Security Proposed

Changelog

bash (4.3-7ubuntu1.5) trusty-security; urgency=medium

  * SECURITY UPDATE: incorrect function definition parsing with
    here-document delimited by end-of-file
    - debian/patches/CVE-2014-6277.diff: properly handle closing delimiter
      in copy_cmd.c, make_cmd.c.
    - CVE-2014-6277
  * SECURITY UPDATE: incorrect function definition parsing via nested
    command substitutions
    - debian/patches/CVE-2014-6278.diff: properly handle certain parsing
      attempts in builtins/evalstring.c, parse.y, shell.h, y.tab.c.
    - CVE-2014-6278
  * Updated patches with official upstream versions:
    - debian/patches/CVE-2014-6271.diff
    - debian/patches/CVE-2014-7169.diff
    - debian/patches/variables-affix.diff
    - debian/patches/CVE-2014-718x.diff
 -- Marc Deslauriers <email address hidden>   Tue, 07 Oct 2014 10:50:12 -0400

Available diffs

diff from 4.3-7ubuntu1.4 to 4.3-7ubuntu1.5 (17.9 KiB)

Builds

Package files

bash_4.3-7ubuntu1.5.debian.tar.gz (95.6 KiB)
bash_4.3-7ubuntu1.5.dsc (2.2 KiB)
bash_4.3.orig.tar.gz (7.2 MiB)