AOSA-2017-0019: Update Bash
February 8, 2017
Please update your
bash package to version
At patch level 7, which would be version
4.4.7 of Bash, a security issue was addressed that:
"An exploit can be realized by creating a file or directory with a specially crafted name. A user utilizing GNU Bash’s built-in path completion by hitting the Tab button (f.e. to remove it with rm) triggers the exploit without executing a command itself. The vulnerability has been introduced on the devel-branch in May 2015."
And was consequently assigned CVE-2017-5932.