Bug 20272

Summary: bash new security issue CVE-2017-5932
Product: Mageia Reporter: David Walser <luigiwalser>
Component: SecurityAssignee: Shlomi Fish <shlomif>
Status: RESOLVED INVALID QA Contact: Sec team <security>
Severity: normal    
Priority: Normal CC: mageia, marja11
Version: Cauldron   
Target Milestone: ---   
Hardware: All   
OS: Linux   
Whiteboard: MGA5TOO
Source RPM: bash-4.3-48.2.1.mga5.src.rpm CVE: CVE-2017-5932
Status comment:

Description David Walser 2017-02-12 17:02:17 CET 
A CVE has been assigned for a security issue fixed upstream in bash:
http://openwall.com/lists/oss-security/2017/02/08/3

Currently it has only been fixed in 4.4 and not 4.3 yet.

Mageia 5 is also affected.
David Walser 2017-02-12 17:02:35 CET

Whiteboard: (none) => MGA5TOO

Comment 1 Marja Van Waes 2017-02-13 11:36:45 CET 
Assigning to the registered maintainer.

CC: (none) => marja11
Assignee: bugsquad => shlomif

Nicolas Lécureuil 2017-04-24 16:25:03 CEST

CVE: (none) => CVE-2017-5932
CC: (none) => mageia

Comment 2 Nicolas Lécureuil 2017-05-02 15:47:04 CEST 
this bug is from version 4.4 so we are not afffected ( see https://github.com/jheyens/bash_completion_vuln/raw/master/2017-01-17.bash_completion_report.pdf )

Status: NEW => RESOLVED
Resolution: (none) => INVALID