Mandriva Linux Security Advisory 2013-032 - A stack-based buffer overflow flaw was found in the way bash, the GNU Bourne Again shell, expanded certain /dev/fd file names when checking file names and evaluating /dev/fd file names in conditional command expressions. A remote attacker could provide a specially-crafted Bash script that, when executed, would cause the bash executable to crash. Additionally the official patches 011 to 037 for bash-4.2 has been applied which resolves other issues found, including the CVE-2012-3410 vulnerability. NOTE: This advisory was previously given the MDVSA-2013:019 identifier by mistake.
be4cc49cd24a196a81801507077493f6d5b6505240cbd1cdcad5ea0b1cf45094