Issued:
2013-02-20
Updated:
2013-02-20

RHBA-2013:0306 - bash bug fix and enhancement update

Synopsis

bash bug fix and enhancement update

Type/Severity

Bug Fix Advisory (none)

Topic

Updated bash packages that fix three bugs and add one enhancement are now available for Red Hat Enterprise Linux 6.

Description

The bash packages provide the Bash (Bourne-again shell) shell, which is the default shell for Red Hat Enterprise Linux.

This update fixes the following bugs:

  • Prior to this update, the trap handler could, under certain circumstances, lose signals during another trap initialization. This update blocks the signal while the trap string and handler are being modified. Now, the signals are no longer lost. (BZ#695656)

  • Prior to this update, the manual page for trap in Bash did not mention that signals ignored upon entry cannot be listed later. This is now fixed and the manual page entry text is amended to "Signals ignored upon entry to the shell cannot be trapped, reset or listed". (BZ#799958)

  • Prior to this update, the Bash shell called the trap handler within a signal handler when a SIGCHLD signal was received in job control mode and a handler for the signal was installed. This was a security risk and could cause Bash to enter a deadlock or to terminate unexpectedly with a segmentation fault due to memory corruption. With this update, the trap handler is now called outside of the signal handler, and Bash no longer enters a deadlock. (BZ#800473)

This update also adds the following enhancement:

  • This update enables the system-wide "/etc/bash.bash_logout" file. This allows administrators to write system-wide logout actions for all users. (BZ#677439)

All users of bash are advised to upgrade to these updated packages, which fix these bugs and add this enhancement.

Solution

Before applying this update, make sure all previously-released errata relevant to your system have been applied.

This update is available via the Red Hat Network. Details on how to use the Red Hat Network to apply this update are available at https://access.redhat.com/knowledge/articles/11258

Affected Products

ProductVersionArch
Red Hat Enterprise Linux for Scientific Computing6x86_64
Red Hat Enterprise Linux for Power, big endian6ppc64
Red Hat Enterprise Linux for IBM z Systems6s390x
Red Hat Enterprise Linux Workstation6x86_64
Red Hat Enterprise Linux Workstation6i386
Red Hat Enterprise Linux Server6x86_64
Red Hat Enterprise Linux Server6i386
Red Hat Enterprise Linux Server from RHUI6x86_64
Red Hat Enterprise Linux Server from RHUI6i386
Red Hat Enterprise Linux Server - Retired Extended Life Cycle Support6x86_64
Red Hat Enterprise Linux Server - Extended Life Cycle Support6x86_64
Red Hat Enterprise Linux Server - Extended Life Cycle Support6i386
Red Hat Enterprise Linux Server - Extended Life Cycle Support Extension6x86_64
Red Hat Enterprise Linux Server - Extended Life Cycle Support Extension6i386
Red Hat Enterprise Linux Server - Extended Life Cycle Support Extension (for IBM z Systems)6s390x
Red Hat Enterprise Linux Server - Extended Life Cycle Support (for IBM z Systems)6s390x
Red Hat Enterprise Linux Desktop6x86_64
Red Hat Enterprise Linux Desktop6i386

Updated Packages

  • bash-doc-4.1.2-14.el6.i686.rpm
  • bash-4.1.2-14.el6.x86_64.rpm
  • bash-debuginfo-4.1.2-14.el6.ppc64.rpm
  • bash-debuginfo-4.1.2-14.el6.i686.rpm
  • bash-doc-4.1.2-14.el6.x86_64.rpm
  • bash-doc-4.1.2-14.el6.ppc64.rpm
  • bash-debuginfo-4.1.2-14.el6.s390x.rpm
  • bash-4.1.2-14.el6.s390x.rpm
  • bash-4.1.2-14.el6.i686.rpm
  • bash-4.1.2-14.el6.ppc64.rpm
  • bash-doc-4.1.2-14.el6.s390x.rpm
  • bash-4.1.2-14.el6.src.rpm
  • bash-debuginfo-4.1.2-14.el6.x86_64.rpm

Fixes

CVEs

(none)

References

(none)

Additional information