USN-2363-1: Bash vulnerability
25 September 2014
Bash allowed bypassing environment restrictions in certain environments.
Releases
Packages
- bash - GNU Bourne Again SHell
Details
Tavis Ormandy discovered that the security fix for Bash included in
USN-2362-1 was incomplete. An attacker could use this issue to bypass
certain environment restrictions. (CVE-2014-7169)
Update instructions
The problem can be corrected by updating your system to the following package versions:
Ubuntu 14.04
Ubuntu 12.04
Ubuntu 10.04
In general, a standard system update will make all the necessary changes.
References
Related notices
- USN-2363-2: bash-static, bash, bash-builtins, bash-doc