Oval Definition:oval:org.opensuse.security:def:57299
Revision Date:2020-12-01Version:1
Title:Security update for bash
Description:



The command-line shell 'bash' evaluates environment variables, which allows the injection of characters and might be used to access files on the system in some circumstances (CVE-2014-7169).

Please note that this issue is different from a previously fixed vulnerability tracked under CVE-2014-6271 and is less serious due to the special, non-default system configuration that is needed to create an exploitable situation.

To remove further exploitation potential we now limit the function-in-environment variable to variables prefixed with BASH_FUNC_. This hardening feature is work in progress and might be improved in later updates.

Additionally, two other security issues have been fixed:

* CVE-2014-7186: Nested HERE documents could lead to a crash of bash. * CVE-2014-7187: Nesting of for loops could lead to a crash of bash.

Security Issues:

* CVE-2014-7169 * CVE-2014-7186 * CVE-2014-7187

Family:unixClass:patch
Status:Reference(s):1012102
1012103
1012104
1013653
1013655
1013663
1027282
1027519
1028075
1033091
1034870
1034872
1034876
1036976
1036977
1036978
1036980
1036981
1036982
1036983
1036984
1036985
1036986
1036987
1036988
1036989
1036990
1036991
1037527
1038000
1040025
1040303
1040304
1040306
1040332
1041090
1042670
1049692
1050459
1054285
1068032
1073269
1073748
1078326
1078485
1081750
1084650
1086001
1087082
1087083
1096141
1100147
1103098
1107832
1108963
1110233
1111331
1130680
1135715
1136085
1148931
1149792
1150733
1153830
1155094
1159035
1159723
1159729
1162224
1162367
1162825
1164825
1165894
1170411
1171561
1171928
864364
898346
898603
898604
945401
CVE-2012-3547
CVE-2013-6493
CVE-2014-2015
CVE-2014-7169
CVE-2014-7186
CVE-2014-7187
CVE-2016-9634
CVE-2016-9635
CVE-2016-9636
CVE-2016-9807
CVE-2016-9808
CVE-2016-9810
CVE-2017-13720
CVE-2017-13722
CVE-2017-5715
CVE-2017-5753
CVE-2017-6502
CVE-2017-7606
CVE-2017-7941
CVE-2017-7942
CVE-2017-7943
CVE-2017-8343
CVE-2017-8344
CVE-2017-8345
CVE-2017-8346
CVE-2017-8347
CVE-2017-8348
CVE-2017-8349
CVE-2017-8350
CVE-2017-8351
CVE-2017-8352
CVE-2017-8353
CVE-2017-8354
CVE-2017-8355
CVE-2017-8356
CVE-2017-8357
CVE-2017-8765
CVE-2017-8830
CVE-2017-9098
CVE-2017-9141
CVE-2017-9142
CVE-2017-9143
CVE-2017-9144
CVE-2018-12126
CVE-2018-12127
CVE-2018-12130
CVE-2018-14633
CVE-2018-14634
CVE-2018-17182
CVE-2018-20815
CVE-2018-3639
CVE-2018-3640
CVE-2018-5391
CVE-2019-0221
CVE-2019-11091
CVE-2019-12418
CVE-2019-17563
CVE-2019-17569
CVE-2019-18348
CVE-2019-3689
CVE-2019-8595
CVE-2019-8607
CVE-2019-8615
CVE-2019-8644
CVE-2019-8649
CVE-2019-8658
CVE-2019-8666
CVE-2019-8669
CVE-2019-8671
CVE-2019-8672
CVE-2019-8673
CVE-2019-8676
CVE-2019-8677
CVE-2019-8678
CVE-2019-8679
CVE-2019-8680
CVE-2019-8681
CVE-2019-8683
CVE-2019-8684
CVE-2019-8686
CVE-2019-8687
CVE-2019-8688
CVE-2019-8689
CVE-2019-8690
CVE-2019-9674
CVE-2020-8492
CVE-2020-9484
SUSE-SU-2016:3303-1
SUSE-SU-2017:1489-1
SUSE-SU-2018:0114-1
SUSE-SU-2018:0334-1
SUSE-SU-2018:1935-1
SUSE-SU-2019:1349-1
SUSE-SU-2019:2345-2
SUSE-SU-2019:2771-1
SUSE-SU-2020:1497-1
SUSE-SU-2020:1524-1
Platform(s):openSUSE Leap 15.0
openSUSE Leap 15.1
SUSE Linux Enterprise Desktop 11 SP3
SUSE Linux Enterprise Server 12 SP1-LTSS
SUSE Linux Enterprise Server 12 SP2
SUSE Linux Enterprise Server 12 SP2-BCL
SUSE Linux Enterprise Server 12 SP2-LTSS
SUSE Linux Enterprise Server 12 SP3
SUSE Linux Enterprise Server 12 SP3-BCL
SUSE Linux Enterprise Server 12 SP3-LTSS
SUSE Linux Enterprise Server 12 SP3-TERADATA
SUSE Linux Enterprise Server 12 SP4
SUSE OpenStack Cloud 7
SUSE OpenStack Cloud 8
SUSE OpenStack Cloud Crowbar 8
Product(s):
Definition Synopsis
  • openSUSE Leap 15.0 is installed
  • AND Package Information
  • NetworkManager-applet-1.8.10-lp150.3 is installed
  • OR NetworkManager-applet-lang-1.8.10-lp150.3 is installed
  • OR NetworkManager-connection-editor-1.8.10-lp150.3 is installed
  • OR libnm-gtk0-1.8.10-lp150.3 is installed
  • OR libnma0-1.8.10-lp150.3 is installed
  • OR nma-data-1.8.10-lp150.3 is installed
  • OR typelib-1_0-NMGtk-1_0-1.8.10-lp150.3 is installed
    • Definition Synopsis
  • openSUSE Leap 15.1 is installed
  • AND Package Information
  • libecpg6-10.9-lp151.2.3 is installed
  • OR libecpg6-32bit-10.9-lp151.2.3 is installed
  • OR libpq5-10.9-lp151.2.3 is installed
  • OR libpq5-32bit-10.9-lp151.2.3 is installed
  • OR postgresql10-10.9-lp151.2.3 is installed
  • OR postgresql10-contrib-10.9-lp151.2.3 is installed
  • OR postgresql10-devel-10.9-lp151.2.3 is installed
  • OR postgresql10-docs-10.9-lp151.2.3 is installed
  • OR postgresql10-plperl-10.9-lp151.2.3 is installed
  • OR postgresql10-plpython-10.9-lp151.2.3 is installed
  • OR postgresql10-pltcl-10.9-lp151.2.3 is installed
  • OR postgresql10-server-10.9-lp151.2.3 is installed
  • OR postgresql10-test-10.9-lp151.2.3 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Desktop 11 SP3 is installed
  • AND Package Information
  • bash-3.2-147.22 is installed
  • OR bash-doc-3.2-147.22 is installed
  • OR libreadline5-5.2-147.22 is installed
  • OR libreadline5-32bit-5.2-147.22 is installed
  • OR readline-doc-5.2-147.22 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP1-LTSS is installed
  • AND Package Information
  • kgraft-patch-3_12_74-60_64_85-default-8-2 is installed
  • OR kgraft-patch-3_12_74-60_64_85-xen-8-2 is installed
  • OR kgraft-patch-SLE12-SP1_Update_26-8-2 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP2 is installed
  • AND Package Information
  • freeradius-server-3.0.3-10 is installed
  • OR freeradius-server-doc-3.0.3-10 is installed
  • OR freeradius-server-krb5-3.0.3-10 is installed
  • OR freeradius-server-ldap-3.0.3-10 is installed
  • OR freeradius-server-libs-3.0.3-10 is installed
  • OR freeradius-server-mysql-3.0.3-10 is installed
  • OR freeradius-server-perl-3.0.3-10 is installed
  • OR freeradius-server-postgresql-3.0.3-10 is installed
  • OR freeradius-server-python-3.0.3-10 is installed
  • OR freeradius-server-sqlite-3.0.3-10 is installed
  • OR freeradius-server-utils-3.0.3-10 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP2-BCL is installed
  • AND Package Information
  • ntp-4.2.8p11-64.5 is installed
  • OR ntp-doc-4.2.8p11-64.5 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP2-LTSS is installed
  • AND Package Information
  • kgraft-patch-4_4_121-92_80-default-7-2 is installed
  • OR kgraft-patch-SLE12-SP2_Update_22-7-2 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP3 is installed
  • AND libtcnative-1-0-1.1.34-12 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP3-BCL is installed
  • AND Package Information
  • libdcerpc-binding0-4.6.16+git.169.064abe062be-3.46 is installed
  • OR libdcerpc-binding0-32bit-4.6.16+git.169.064abe062be-3.46 is installed
  • OR libdcerpc0-4.6.16+git.169.064abe062be-3.46 is installed
  • OR libdcerpc0-32bit-4.6.16+git.169.064abe062be-3.46 is installed
  • OR libndr-krb5pac0-4.6.16+git.169.064abe062be-3.46 is installed
  • OR libndr-krb5pac0-32bit-4.6.16+git.169.064abe062be-3.46 is installed
  • OR libndr-nbt0-4.6.16+git.169.064abe062be-3.46 is installed
  • OR libndr-nbt0-32bit-4.6.16+git.169.064abe062be-3.46 is installed
  • OR libndr-standard0-4.6.16+git.169.064abe062be-3.46 is installed
  • OR libndr-standard0-32bit-4.6.16+git.169.064abe062be-3.46 is installed
  • OR libndr0-4.6.16+git.169.064abe062be-3.46 is installed
  • OR libndr0-32bit-4.6.16+git.169.064abe062be-3.46 is installed
  • OR libnetapi0-4.6.16+git.169.064abe062be-3.46 is installed
  • OR libnetapi0-32bit-4.6.16+git.169.064abe062be-3.46 is installed
  • OR libsamba-credentials0-4.6.16+git.169.064abe062be-3.46 is installed
  • OR libsamba-credentials0-32bit-4.6.16+git.169.064abe062be-3.46 is installed
  • OR libsamba-errors0-4.6.16+git.169.064abe062be-3.46 is installed
  • OR libsamba-errors0-32bit-4.6.16+git.169.064abe062be-3.46 is installed
  • OR libsamba-hostconfig0-4.6.16+git.169.064abe062be-3.46 is installed
  • OR libsamba-hostconfig0-32bit-4.6.16+git.169.064abe062be-3.46 is installed
  • OR libsamba-passdb0-4.6.16+git.169.064abe062be-3.46 is installed
  • OR libsamba-passdb0-32bit-4.6.16+git.169.064abe062be-3.46 is installed
  • OR libsamba-util0-4.6.16+git.169.064abe062be-3.46 is installed
  • OR libsamba-util0-32bit-4.6.16+git.169.064abe062be-3.46 is installed
  • OR libsamdb0-4.6.16+git.169.064abe062be-3.46 is installed
  • OR libsamdb0-32bit-4.6.16+git.169.064abe062be-3.46 is installed
  • OR libsmbclient0-4.6.16+git.169.064abe062be-3.46 is installed
  • OR libsmbclient0-32bit-4.6.16+git.169.064abe062be-3.46 is installed
  • OR libsmbconf0-4.6.16+git.169.064abe062be-3.46 is installed
  • OR libsmbconf0-32bit-4.6.16+git.169.064abe062be-3.46 is installed
  • OR libsmbldap0-4.6.16+git.169.064abe062be-3.46 is installed
  • OR libsmbldap0-32bit-4.6.16+git.169.064abe062be-3.46 is installed
  • OR libtevent-util0-4.6.16+git.169.064abe062be-3.46 is installed
  • OR libtevent-util0-32bit-4.6.16+git.169.064abe062be-3.46 is installed
  • OR libwbclient0-4.6.16+git.169.064abe062be-3.46 is installed
  • OR libwbclient0-32bit-4.6.16+git.169.064abe062be-3.46 is installed
  • OR samba-4.6.16+git.169.064abe062be-3.46 is installed
  • OR samba-client-4.6.16+git.169.064abe062be-3.46 is installed
  • OR samba-client-32bit-4.6.16+git.169.064abe062be-3.46 is installed
  • OR samba-doc-4.6.16+git.169.064abe062be-3.46 is installed
  • OR samba-libs-4.6.16+git.169.064abe062be-3.46 is installed
  • OR samba-libs-32bit-4.6.16+git.169.064abe062be-3.46 is installed
  • OR samba-winbind-4.6.16+git.169.064abe062be-3.46 is installed
  • OR samba-winbind-32bit-4.6.16+git.169.064abe062be-3.46 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP3-LTSS is installed
  • AND Package Information
  • libgcrypt-1.6.1-16.68 is installed
  • OR libgcrypt20-1.6.1-16.68 is installed
  • OR libgcrypt20-32bit-1.6.1-16.68 is installed
  • OR libgcrypt20-hmac-1.6.1-16.68 is installed
  • OR libgcrypt20-hmac-32bit-1.6.1-16.68 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP3-TERADATA is installed
  • AND Package Information
  • liblouis-2.6.4-6.6 is installed
  • OR liblouis-data-2.6.4-6.6 is installed
  • OR liblouis9-2.6.4-6.6 is installed
  • OR python-louis-2.6.4-6.6 is installed
  • OR python3-louis-2.6.4-6.6 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP4 is installed
  • AND Package Information
  • java-1_8_0-ibm-1.8.0_sr5.30-30.46 is installed
  • OR java-1_8_0-ibm-alsa-1.8.0_sr5.30-30.46 is installed
  • OR java-1_8_0-ibm-plugin-1.8.0_sr5.30-30.46 is installed
    • Definition Synopsis
  • SUSE OpenStack Cloud 7 is installed
  • AND ucode-intel-20180703-13.25 is installed
    • Definition Synopsis
  • SUSE OpenStack Cloud 8 is installed
  • AND Package Information
  • perl-5.18.2-12.20 is installed
  • OR perl-32bit-5.18.2-12.20 is installed
  • OR perl-base-5.18.2-12.20 is installed
  • OR perl-doc-5.18.2-12.20 is installed
    • Definition Synopsis
  • SUSE OpenStack Cloud Crowbar 8 is installed
  • AND Package Information
  • dovecot22-2.2.31-19.17 is installed
  • OR dovecot22-backend-mysql-2.2.31-19.17 is installed
  • OR dovecot22-backend-pgsql-2.2.31-19.17 is installed
  • OR dovecot22-backend-sqlite-2.2.31-19.17 is installed
    • BACK