[Oraclevm-errata] OVMSA-2014-0020 Critical: Oracle VM 2.2 bash security update

Errata Announcements for Oracle VM oraclevm-errata at oss.oracle.com
Thu Sep 25 09:18:24 PDT 2014


Oracle VM Security Advisory OVMSA-2014-0020

The following updated rpms for Oracle VM 2.2 have been uploaded to the 
Unbreakable Linux Network:

i386:
bash-3.2-33.el5.1.i386.rpm


SRPMS:
http://oss.oracle.com/oraclevm/server/2.2/SRPMS-updates/bash-3.2-33.el5.1.src.rpm



Description of changes:

[3.2-33.1]
- Check for fishy environment
    Resolves: #1141644

[3.2-33]
- Fixed a bug that caused trap handlers to be executed recursively,
    corrupting internal data structures.
    Resolves: #964753

[3.2-32]
- Don't include backup files
    Resolves: #700157

[3.2-31]
- Use `mktemp' for temporary files
    Resolves: #700157

[3.2-30]
- Added man page references to systemwide .bash_logout
    Resolves: #592979

[3.2-29]
- Readline glitch, when editing line with more spaces and resizing window
    Resolves: #525474


[3.2-28]
- Fix the memory leak in read builtin
    Resolves: #618393
- Don't append slash to non-directories
    Resolves: #583919

[3.2-27]
- Test .dynamic section if has PROGBITS or NOBITS
    Resolves: #484809
- Better random number generator
    Resolves: #492908
- Allow to source scripts with embeded NULL chars
    Resolves: #503701

[3.2-26]
- vi mode redo insert fixed
    Resolves: #575076
- Don't show broken pipe messages for builtins
    Resolves: #546529
- Don't include loadables in doc dir
    Resolves: #663656
- Enable system-wide .bash_logout for login shells
    Resolves: #592979

[3.2-25]
- Don't abort source builtin
    Resolves: #448508
- Correctly place cursor
    Resolves: #463880
- Minor man page clarification for trap builtin
    Resolves: #504904





More information about the Oraclevm-errata mailing list