Skip to content
This repository has been archived by the owner on Mar 16, 2022. It is now read-only.

1.122.0
Compare
Choose a tag to compare
@cf-buildpacks-eng cf-buildpacks-eng released this 18 May 04:47
· 170 commits to master since this release
1.122.0
c459b74

Notably, this release addresses:

USN-3294-1 Ubuntu Security Notice USN-3294-1:

  • CVE-2016-0634: bash prompt expanding $HOSTNAME
  • CVE-2016-7543: Bash before 4.4 allows local users to execute arbitrary commands with root privileges via crafted SHELLOPTS and PS4 environment variables.
  • CVE-2016-9401: popd in bash might allow local users to bypass the restricted shell and cause a use-after-free via a crafted address.
  • CVE-2017-5932: The path autocompletion feature in Bash 4.4 allows local users to gain privileges via a crafted filename starting with a " (double quote) character and a command substitution metacharacter.
-ii  bash  4.3-7ubuntu1.6  amd64  GNU Bourne Again SHell
+ii  bash  4.3-7ubuntu1.7  amd64  GNU Bourne Again SHell
Assets 3