diff options
author | Mark Hatle <mark.hatle@windriver.com> | 2014-10-03 09:51:25 -0500 |
---|---|---|
committer | Richard Purdie <richard.purdie@linuxfoundation.org> | 2014-10-06 15:15:51 +0100 |
commit | 94d2fea672140bcd561dc001da5759a927192b93 (patch) | |
tree | 9518f1a8a088cf149131b0829e3c3f65a99f09a1 /meta/recipes-extended/bash/bash-3.2.48/cve-2014-7169.patch | |
parent | be2cf13961ef89200f691570c9333e8130126ef9 (diff) | |
download | poky-94d2fea672140bcd561dc001da5759a927192b93.tar.gz |
bash: Upgrade bash to latest patch level to fix CVEs
We upgrade bash_4.3 to patch revision 29, and bash_3.2.48 to 56.
There are numerous community bug fixes included with this set, but the key
items are:
bash32-052 CVE-2014-6271 9/24/2014
bash32-053 CVE-2014-7169 9/26/2014
bash32-054 exported function namespace change 9/27/2014
bash32-055 CVE-2014-7186/CVE-2014-7187 10/1/2014
bash32-056 CVE-2014-6277 10/2/2014
bash43-025 CVE-2014-6271 9/24/2014
bash43-026 CVE-2014-7169 9/26/2014
bash43-027 exported function namespace change 9/27/2014
bash43-028 CVE-2014-7186/CVE-2014-7187 10/1/2014
bash43-029 CVE-2014-6277 10/2/2014
(From OE-Core rev: 43deeff0c6b0ea7729d3e5f1887dfd1647dea1da)
Signed-off-by: Mark Hatle <mark.hatle@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Diffstat (limited to 'meta/recipes-extended/bash/bash-3.2.48/cve-2014-7169.patch')
-rw-r--r-- | meta/recipes-extended/bash/bash-3.2.48/cve-2014-7169.patch | 16 |
1 files changed, 0 insertions, 16 deletions
diff --git a/meta/recipes-extended/bash/bash-3.2.48/cve-2014-7169.patch b/meta/recipes-extended/bash/bash-3.2.48/cve-2014-7169.patch deleted file mode 100644 index 2e734de434..0000000000 --- a/meta/recipes-extended/bash/bash-3.2.48/cve-2014-7169.patch +++ /dev/null | |||
@@ -1,16 +0,0 @@ | |||
1 | Taken from http://www.openwall.com/lists/oss-security/2016/09/25/10 | ||
2 | |||
3 | Upstream-Status: Backport | ||
4 | Index: bash-3.2.48/parse.y | ||
5 | =================================================================== | ||
6 | --- bash-3.2.48.orig/parse.y 2008-04-29 18:24:55.000000000 -0700 | ||
7 | +++ bash-3.2.48/parse.y 2014-09-26 13:07:31.956080056 -0700 | ||
8 | @@ -2503,6 +2503,8 @@ | ||
9 | FREE (word_desc_to_read); | ||
10 | word_desc_to_read = (WORD_DESC *)NULL; | ||
11 | |||
12 | + eol_ungetc_lookahead = 0; | ||
13 | + | ||
14 | last_read_token = '\n'; | ||
15 | token_to_read = '\n'; | ||
16 | } | ||