fish: Multiple vulnerabilities

2014-12-28T00:00:00
ID GLSA-201412-49
Type gentoo
Reporter Gentoo Foundation
Modified 2014-12-28T00:00:00

Description

Background

fish is the Friendly Interactive SHell.

Description

Multiple vulnerabilities have been discovered in fish. Please review the CVE identifiers referenced below for details.

Impact

A local attacker may be able to gain escalated privileges or overwrite arbitrary files. Furthermore, a remote attacker may be able to execute arbitrary code.

Workaround

There is no known workaround at this time.

Resolution

All fish users should upgrade to the latest version:

 # emerge --sync
 # emerge --ask --oneshot --verbose ">=app-shells/fish-2.1.1"