OracleVM 3.2 : bash (OVMSA-2014-0019)

high Nessus Plugin ID 78235

Synopsis

The remote OracleVM host is missing a security update.

Description

The remote OracleVM system is missing necessary patches to address critical security updates :

- Check for fishy environment Resolves: #1141644

- Fixed a bug that caused trap handlers to be executed recursively, corrupting internal data structures.
Resolves: #964753

- Don't include backup files Resolves: #700157

- Use `mktemp' for temporary files Resolves: #700157

- Added man page references to systemwide .bash_logout Resolves: #592979

- Readline glitch, when editing line with more spaces and resizing window Resolves: #525474

- Fix the memory leak in read builtin Resolves: #618393

- Don't append slash to non-directories Resolves: #583919

- Test .dynamic section if has PROGBITS or NOBITS Resolves: #484809

- Better random number generator Resolves: #492908

- Allow to source scripts with embeded NULL chars Resolves: #503701

- vi mode redo insert fixed Resolves: #575076

- Don't show broken pipe messages for builtins Resolves:
#546529

- Don't include loadables in doc dir Resolves: #663656

- Enable system-wide .bash_logout for login shells Resolves: #592979

- Don't abort source builtin Resolves: #448508

- Correctly place cursor Resolves: #463880

- Minor man page clarification for trap builtin Resolves:
#504904

Solution

Update the affected bash package.

See Also

http://www.nessus.org/u?93476dbb

Plugin Details

Severity: High

ID: 78235

File Name: oraclevm_OVMSA-2014-0019.nasl

Version: 1.8

Type: local

Published: 10/10/2014

Updated: 1/4/2021

Supported Sensors: Nessus

Vulnerability Information

CPE: p-cpe:/a:oracle:vm:bash, cpe:/o:oracle:vm_server:3.2

Required KB Items: Host/local_checks_enabled, Host/OracleVM/release, Host/OracleVM/rpm-list

Patch Publication Date: 9/25/2014

Vulnerability Publication Date: 9/25/2014