[Touch-packages] [Bug 1374375] Re: CVE-2014-7186: bash crashed with SIGSEGV in list_reverse()

2014-09-27 Thread Marc Deslauriers 
This is now fixed:
http://www.ubuntu.com/usn/usn-2364-1/

** Changed in: bash (Ubuntu Precise)
   Status: Confirmed = Fix Released

** Changed in: bash (Ubuntu Trusty)
   Status: Confirmed = Fix Released

** Changed in: bash (Ubuntu Lucid)
   Status: Confirmed = Fix Released

-- 
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to bash in Ubuntu.
https://bugs.launchpad.net/bugs/1374375

Title:
  CVE-2014-7186: bash crashed with SIGSEGV in list_reverse()

Status in “bash” package in Ubuntu:
  Fix Committed
Status in “bash” source package in Lucid:
  Fix Released
Status in “bash” source package in Precise:
  Fix Released
Status in “bash” source package in Trusty:
  Fix Released
Status in “bash” source package in Utopic:
  Fix Committed

Bug description:
  Reproduced with

  bash -c 'true EOF EOF EOF EOF EOF EOF EOF EOF EOF
  EOF EOF EOF EOF EOF EOF EOF EOF EOF'

  http://seclists.org/oss-sec/2014/q3/712

  ProblemType: Crash
  DistroRelease: Ubuntu 14.10
  Package: bash 4.3-9ubuntu2
  ProcVersionSignature: Ubuntu 3.16.0-17.23-generic 3.16.3
  Uname: Linux 3.16.0-17-generic x86_64
  NonfreeKernelModules: openafs
  ApportVersion: 2.14.7-0ubuntu2
  Architecture: amd64
  CurrentDesktop: GNOME
  Date: Fri Sep 26 05:42:50 2014
  EcryptfsInUse: Yes
  ExecutablePath: /bin/bash
  InstallationDate: Installed on 2014-08-22 (35 days ago)
  InstallationMedia: Ubuntu-GNOME 14.10 Utopic Unicorn - Alpha amd64 
(20140730)
  ProcCmdline: bash -c true\ EOF\ EOF\ EOF\ EOF\ EOF\ EOF\ EOF\ 
EOF\ EOF\ EOF\ EOF\ EOF\ EOF\ EOF\ EOF\ EOF\ EOF\ EOF
  SegvAnalysis:
   Segfault happened at: 0x46cfc3 list_reverse+19:mov(%rax),%rdx
   PC (0x0046cfc3) ok
   source (%rax) (0x3c3c20464f453c3c) not located in a known VMA region 
(needed readable region)!
   destination %rdx ok
  SegvReason: reading unknown VMA
  Signal: 11
  SourcePackage: bash
  StacktraceTop:
   list_reverse ()
   clean_simple_command ()
   yyparse ()
   parse_command ()
   parse_and_execute ()
  Title: bash crashed with SIGSEGV in list_reverse()
  UpgradeStatus: No upgrade log present (probably fresh install)
  UserGroups: adm bumblebee cdrom dip libvirtd lpadmin plugdev sambashare sudo 
wireshark
  modified.conffile..etc.bash.bashrc: [modified]
  mtime.conffile..etc.bash.bashrc: 2014-03-27T19:05:55

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/bash/+bug/1374375/+subscriptions

-- 
Mailing list: https://launchpad.net/~touch-packages
Post to : touch-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~touch-packages
More help   : https://help.launchpad.net/ListHelp

[Touch-packages] [Bug 1374375] Re: CVE-2014-7186: bash crashed with SIGSEGV in list_reverse()

2014-09-27 Thread Marc Deslauriers 
** Changed in: bash (Ubuntu Utopic)
   Status: Fix Committed = Fix Released

-- 
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to bash in Ubuntu.
https://bugs.launchpad.net/bugs/1374375

Title:
  CVE-2014-7186: bash crashed with SIGSEGV in list_reverse()

Status in “bash” package in Ubuntu:
  Fix Released
Status in “bash” source package in Lucid:
  Fix Released
Status in “bash” source package in Precise:
  Fix Released
Status in “bash” source package in Trusty:
  Fix Released
Status in “bash” source package in Utopic:
  Fix Released

Bug description:
  Reproduced with

  bash -c 'true EOF EOF EOF EOF EOF EOF EOF EOF EOF
  EOF EOF EOF EOF EOF EOF EOF EOF EOF'

  http://seclists.org/oss-sec/2014/q3/712

  ProblemType: Crash
  DistroRelease: Ubuntu 14.10
  Package: bash 4.3-9ubuntu2
  ProcVersionSignature: Ubuntu 3.16.0-17.23-generic 3.16.3
  Uname: Linux 3.16.0-17-generic x86_64
  NonfreeKernelModules: openafs
  ApportVersion: 2.14.7-0ubuntu2
  Architecture: amd64
  CurrentDesktop: GNOME
  Date: Fri Sep 26 05:42:50 2014
  EcryptfsInUse: Yes
  ExecutablePath: /bin/bash
  InstallationDate: Installed on 2014-08-22 (35 days ago)
  InstallationMedia: Ubuntu-GNOME 14.10 Utopic Unicorn - Alpha amd64 
(20140730)
  ProcCmdline: bash -c true\ EOF\ EOF\ EOF\ EOF\ EOF\ EOF\ EOF\ 
EOF\ EOF\ EOF\ EOF\ EOF\ EOF\ EOF\ EOF\ EOF\ EOF\ EOF
  SegvAnalysis:
   Segfault happened at: 0x46cfc3 list_reverse+19:mov(%rax),%rdx
   PC (0x0046cfc3) ok
   source (%rax) (0x3c3c20464f453c3c) not located in a known VMA region 
(needed readable region)!
   destination %rdx ok
  SegvReason: reading unknown VMA
  Signal: 11
  SourcePackage: bash
  StacktraceTop:
   list_reverse ()
   clean_simple_command ()
   yyparse ()
   parse_command ()
   parse_and_execute ()
  Title: bash crashed with SIGSEGV in list_reverse()
  UpgradeStatus: No upgrade log present (probably fresh install)
  UserGroups: adm bumblebee cdrom dip libvirtd lpadmin plugdev sambashare sudo 
wireshark
  modified.conffile..etc.bash.bashrc: [modified]
  mtime.conffile..etc.bash.bashrc: 2014-03-27T19:05:55

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/bash/+bug/1374375/+subscriptions

-- 
Mailing list: https://launchpad.net/~touch-packages
Post to : touch-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~touch-packages
More help   : https://help.launchpad.net/ListHelp