SuSE 11.3 Security Update : coreutils (SAT Patch Number 10620)
High Nessus Plugin ID 83133
SynopsisThe remote SuSE 11 host is missing one or more security updates.
DescriptionCoreutils was updated to fix one security issue and one non-security bug.
The following vulnerability was fixed :
- Commands such as date, touch or using parse_datetime() could, when accepting untrusted input, allow an attacker to crash the application or, potentially, execute arbitrary code. (bnc#911832, CVE-2014-9471)
The following non-security bug was fixed :
- df(1) executed against a bind mounted path which resided on a different file system could issue many unnecessary stat calls, causing unwanted performance issues.
SolutionApply SAT patch number 10620.