Summary: | <sys-apps/util-linux-2.30.2-r1: code execution in bash-completion for umount (CVE-2018-7738) | ||
---|---|---|---|
Product: | Gentoo Security | Reporter: | Agostino Sarubbo <ago> |
Component: | Vulnerabilities | Assignee: | Gentoo Security <security> |
Status: | RESOLVED FIXED | ||
Severity: | critical | CC: | base-system |
Priority: | High | ||
Version: | unspecified | ||
Hardware: | All | ||
OS: | Linux | ||
URL: | http://www.openwall.com/lists/oss-security/2018/03/07/2 | ||
Whiteboard: | A1 [glsa+ cve] | ||
Package list: | Runtime testing required: | --- |
Description
Agostino Sarubbo
2018-03-07 08:20:20 UTC
The bug has been referenced in the following commit(s): https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=da1d16289d67d7d99ec17e1d04f0aa0bbab5c7b8 commit da1d16289d67d7d99ec17e1d04f0aa0bbab5c7b8 Author: Lars Wendler <polynomial-c@gentoo.org> AuthorDate: 2018-03-07 09:27:46 +0000 Commit: Lars Wendler <polynomial-c@gentoo.org> CommitDate: 2018-03-07 09:27:46 +0000 sys-apps/util-linux: Revbump fix bash-completion umount code execution Committed straight to stable. Bug: https://bugs.gentoo.org/649812 Package-Manager: Portage-2.3.24, Repoman-2.3.6 .../util-linux-2.32_rc2-umount_completion.patch | 41 ++++++++++++++++++++++ ...x-2.30.2.ebuild => util-linux-2.30.2-r1.ebuild} | 4 +++ ...x-2.31.1.ebuild => util-linux-2.31.1-r1.ebuild} | 4 +++ 3 files changed, 49 insertions(+)} New GLSA request filed. This issue was resolved and addressed in GLSA 201803-02 at https://security.gentoo.org/glsa/201803-02 by GLSA coordinator Thomas Deutschmann (whissi). |