Joined: 12 May 2004
|Posted: Sun Dec 28, 2014 9:26 am Post subject: [ GLSA 201412-49 ] fish
|Gentoo Linux Security Advisory
Title: fish: Multiple vulnerabilities (GLSA 201412-49)
Exploitable: local, remote
Date: December 28, 2014
Multiple vulnerabilities have been found in fish, the worst of
which could result in local privilege escalation or remote arbitrary code
fish is the Friendly Interactive SHell.
Vulnerable: < 2.1.1
Unaffected: >= 2.1.1
Architectures: All supported architectures
Multiple vulnerabilities have been discovered in fish. Please review the
CVE identifiers referenced below for details.
A local attacker may be able to gain escalated privileges or overwrite
arbitrary files. Furthermore, a remote attacker may be able to execute
There is no known workaround at this time.
All fish users should upgrade to the latest version:
|# emerge --sync
# emerge --ask --oneshot --verbose ">=app-shells/fish-2.1.1"
Last edited by GLSA on Thu Jun 18, 2015 4:16 am; edited 1 time in total