bash: Fix for CVE-2014-6277 - linux/poky.git - Mirror of git.yoctoproject.org/poky

diff options

author	Catalin Popeanga <Catalin.Popeanga@enea.com>	2014-10-09 14:24:53 +0200
committer	Richard Purdie <richard.purdie@linuxfoundation.org>	2014-10-16 16:05:56 +0200
commit	4b302b8fa0d568e8aea3db15c3dde988d863661c (patch)
tree	3fc66f8281c1971dc4707d833afe672a98a0cff8 /meta/classes/devshell.bbclass
parent	7a9908432f6a5ffea73bbf16cef6eb9931f7d4e3 (diff)
download	poky-4b302b8fa0d568e8aea3db15c3dde988d863661c.tar.gz

bash: Fix for CVE-2014-6277

Follow up bash42-049 to parse properly function definitions in the values of environment variables, to not allow remote attackers to execute arbitrary code or to cause a denial of service. See: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6277 (From OE-Core daisy rev: 85961bcf81650992259cebb0ef1f1c6cdef3fefa) (From OE-Core rev: ae653aed4c6b7d8075cd464edcd2e01237bfc105) Signed-off-by: Catalin Popeanga <Catalin.Popeanga@enea.com> Signed-off-by: Paul Eggleton <paul.eggleton@linux.intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>

Diffstat (limited to 'meta/classes/devshell.bbclass')

0 files changed, 0 insertions, 0 deletions


context:
space:
mode: