MDVSA-2010:004 -- Mandriva bashID: oval:org.secpod.oval:def:300091 | Date: (C)2012-01-07 (M)2021-06-02 |
Class: PATCH | Family: unix |
A vulnerability have been discovered in Mandriva bash package, which could allow a malicious user to hide files from the ls command, or garble its output by crafting files or directories which contain special characters or escape sequences . This update fixes the issue by disabling the display of control characters by default. Additionally, this update fixes the unsafe file creation in bash-doc sample scripts . Packages for 2008.0 are provided for Corporate Desktop 2008.0 customers.
Platform: |
Mandriva Linux 2010.0 |
Mandriva Linux 2009.0 |
Mandriva Linux 2009.1 |
Mandriva Linux 2008.0 |