fish: Multiple vulnerabilities Multiple vulnerabilities have been found in fish, the worst of which could result in local privilege escalation or remote arbitrary code execution. fish 2014-12-28 2014-12-28 509044 local, remote 2.1.1 2.1.1

fish is the Friendly Interactive SHell.

Multiple vulnerabilities have been discovered in fish. Please review the CVE identifiers referenced below for details.

A local attacker may be able to gain escalated privileges or overwrite arbitrary files. Furthermore, a remote attacker may be able to execute arbitrary code.

There is no known workaround at this time.

All fish users should upgrade to the latest version:

# emerge --sync # emerge --ask --oneshot --verbose ">=app-shells/fish-2.1.1" CVE-2014-2905 CVE-2014-2906 CVE-2014-2914 CVE-2014-3219 Zlogene Zlogene