diff options
| author | Zhixiong Chi <zhixiong.chi@windriver.com> | 2017-04-20 15:04:54 +0800 |
|---|---|---|
| committer | Richard Purdie <richard.purdie@linuxfoundation.org> | 2017-05-18 13:17:44 +0100 |
| commit | e5aa1ac23669a45491de9ecffac491c01e70203f (patch) | |
| tree | d24e2427ea067272dc58e12e46126c75a72550bf | |
| parent | abae42362ad327df4caf86743d02f632931f1f1d (diff) | |
| download | poky-e5aa1ac23669a45491de9ecffac491c01e70203f.tar.gz | |
bash: CVE-2016-0634
A vulnerability was found in a way bash expands the $HOSTNAME.
Injecting the hostname with malicious code would cause it to run
each time bash expanded \h in the prompt string.
Porting patch from <https://ftp.gnu.org/gnu/bash/bash-4.3-patches/
bash43-047> to solve CVE-2016-0634
CVE: CVE-2016-0634
(From OE-Core rev: 7dd6aa1a4bf6e9fc8a1998cda6ac5397bb5cd5cb)
(From OE-Core rev: a4b37b05140b549960baef49237ce3316e84a041)
Signed-off-by: Zhixiong Chi <zhixiong.chi@windriver.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
| -rw-r--r-- | meta/recipes-extended/bash/bash_4.3.30.bb | 3 |
1 files changed, 3 insertions, 0 deletions
diff --git a/meta/recipes-extended/bash/bash_4.3.30.bb b/meta/recipes-extended/bash/bash_4.3.30.bb index e398e87b60..b40059fa1d 100644 --- a/meta/recipes-extended/bash/bash_4.3.30.bb +++ b/meta/recipes-extended/bash/bash_4.3.30.bb | |||
| @@ -21,6 +21,7 @@ SRC_URI = "${GNU_MIRROR}/bash/${BP}.tar.gz;name=tarball \ | |||
| 21 | ${GNU_MIRROR}/bash/bash-4.3-patches/bash43-044;apply=yes;striplevel=0;name=patch044 \ | 21 | ${GNU_MIRROR}/bash/bash-4.3-patches/bash43-044;apply=yes;striplevel=0;name=patch044 \ |
| 22 | ${GNU_MIRROR}/bash/bash-4.3-patches/bash43-045;apply=yes;striplevel=0;name=patch045 \ | 22 | ${GNU_MIRROR}/bash/bash-4.3-patches/bash43-045;apply=yes;striplevel=0;name=patch045 \ |
| 23 | ${GNU_MIRROR}/bash/bash-4.3-patches/bash43-046;apply=yes;striplevel=0;name=patch046 \ | 23 | ${GNU_MIRROR}/bash/bash-4.3-patches/bash43-046;apply=yes;striplevel=0;name=patch046 \ |
| 24 | ${GNU_MIRROR}/bash/bash-4.3-patches/bash43-047;apply=yes;striplevel=0;name=patch047 \ | ||
| 24 | file://execute_cmd.patch;striplevel=0 \ | 25 | file://execute_cmd.patch;striplevel=0 \ |
| 25 | file://mkbuiltins_have_stringize.patch \ | 26 | file://mkbuiltins_have_stringize.patch \ |
| 26 | file://build-tests.patch \ | 27 | file://build-tests.patch \ |
| @@ -68,5 +69,7 @@ SRC_URI[patch045.md5sum] = "4473244ca5abfd4b018ea26dc73e7412" | |||
| 68 | SRC_URI[patch045.sha256sum] = "ba6ec3978e9eaa1eb3fabdaf3cc6fdf8c4606ac1c599faaeb4e2d69864150023" | 69 | SRC_URI[patch045.sha256sum] = "ba6ec3978e9eaa1eb3fabdaf3cc6fdf8c4606ac1c599faaeb4e2d69864150023" |
| 69 | SRC_URI[patch046.md5sum] = "7e5fb09991c077076b86e0e057798913" | 70 | SRC_URI[patch046.md5sum] = "7e5fb09991c077076b86e0e057798913" |
| 70 | SRC_URI[patch046.sha256sum] = "b3b456a6b690cd293353f17e22d92a202b3c8bce587ae5f2667c20c9ab6f688f" | 71 | SRC_URI[patch046.sha256sum] = "b3b456a6b690cd293353f17e22d92a202b3c8bce587ae5f2667c20c9ab6f688f" |
| 72 | SRC_URI[patch047.md5sum] = "8483153bad1a6f52cadc3bd9a8df7835" | ||
| 73 | SRC_URI[patch047.sha256sum] = "c69248de7e78ba6b92f118fe1ef47bc86479d5040fe0b1f908ace1c9e3c67c4a" | ||
| 71 | 74 | ||
| 72 | BBCLASSEXTEND = "nativesdk" | 75 | BBCLASSEXTEND = "nativesdk" |