Oracle alert ELSA-2017-1931 (bash)

From:
    	       Errata Announcements for Oracle Linux <el-errata@oss.oracle.com> 
To:
    	       el-errata@oss.oracle.com 
Subject:
    	       [El-errata] ELSA-2017-1931 Moderate: Oracle Linux 7 bash security and bug fix update 
Date:
    	       Tue, 8 Aug 2017 13:44:53 -0700
Message-ID:
    	       <512b50ff-1dd5-04a7-87e8-0ba534110db5@oracle.com>
Oracle Linux Security Advisory ELSA-2017-1931

http://linux.oracle.com/errata/ELSA-2017-1931.html

The following updated rpms for Oracle Linux 7 have been uploaded to the 
Unbreakable Linux Network:

x86_64:
bash-4.2.46-28.el7.x86_64.rpm
bash-doc-4.2.46-28.el7.x86_64.rpm

SRPMS:
http://oss.oracle.com/ol7/SRPMS-updates/bash-4.2.46-28.el...

Description of changes:

[4.2.46-28]
- CVE-2016-9401 - Fix crash when '-' is passed as second sign to popd
   Resolves: #1429838

[4.2.46-27]
- CVE-2016-7543: Fix for arbitrary code execution via SHELLOPTS+PS4 
variables
   Resolves: #1426026

[4.2.46-26]
- CVE-2016-0634: Fix for arbitrary code execution via malicious hostname
   Resolves: #1379237

[4.2.46-25]
- Plug a leak related to compound assignments
   Resolves: #1264101

[4.2.46-24]
- Recognize cd -e
   Resolves: #1267478

[4.2.46-23]
- Add a condition before setting pipeline_pgrp to shell_pgrp
   Resolves: #1377496

[4.2.46-22]
- Avoid crash in parameter expansion while expanding long strings
   Resolves: #1403255

_______________________________________________
El-errata mailing list
El-errata@oss.oracle.com
https://oss.oracle.com/mailman/listinfo/el-errata

From:		Errata Announcements for Oracle Linux <el-errata@oss.oracle.com>
To:		el-errata@oss.oracle.com
Subject:		[El-errata] ELSA-2017-1931 Moderate: Oracle Linux 7 bash security and bug fix update
Date:		Tue, 8 Aug 2017 13:44:53 -0700
Message-ID:		<512b50ff-1dd5-04a7-87e8-0ba534110db5@oracle.com>