diff options
| author | Khem Raj <raj.khem@gmail.com> | 2014-10-02 11:32:39 +0100 |
|---|---|---|
| committer | Richard Purdie <richard.purdie@linuxfoundation.org> | 2014-10-16 16:05:55 +0200 |
| commit | 35ed0a06be953512847fe281596351c2119fd6e0 (patch) | |
| tree | 82ff77fccd309fdea3acbcb365ad734a6be1f136 /meta/recipes-extended/bash/bash-4.2/cve-2014-7169.patch | |
| parent | c78877b07e137f467e7feb18e15fa06400f30881 (diff) | |
| download | poky-35ed0a06be953512847fe281596351c2119fd6e0.tar.gz | |
bash: Fix CVE-2014-7169
This is a followup patch to incomplete CVE-2014-6271 fix
code execution via specially-crafted environment
Change-Id: Ibb0a587ee6e09b8174e92d005356e822ad40d4ed
(From OE-Core master rev: 76a2d6b83472995edbe967aed80f0fcbb784b3fc)
(From OE-Core rev: 59e7817b6e1d1dd90668083cf34f1650a84430c0)
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Signed-off-by: Robert Yang <liezhi.yang@windriver.com>
Signed-off-by: Paul Eggleton <paul.eggleton@linux.intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Diffstat (limited to 'meta/recipes-extended/bash/bash-4.2/cve-2014-7169.patch')
| -rw-r--r-- | meta/recipes-extended/bash/bash-4.2/cve-2014-7169.patch | 16 |
1 files changed, 16 insertions, 0 deletions
diff --git a/meta/recipes-extended/bash/bash-4.2/cve-2014-7169.patch b/meta/recipes-extended/bash/bash-4.2/cve-2014-7169.patch new file mode 100644 index 0000000000..3c69121767 --- /dev/null +++ b/meta/recipes-extended/bash/bash-4.2/cve-2014-7169.patch | |||
| @@ -0,0 +1,16 @@ | |||
| 1 | Taken from http://www.openwall.com/lists/oss-security/2016/09/25/10 | ||
| 2 | |||
| 3 | Upstream-Status: Backport | ||
| 4 | Index: bash-4.3/parse.y | ||
| 5 | =================================================================== | ||
| 6 | --- bash-4.3.orig/parse.y 2014-09-26 13:10:44.340080056 -0700 | ||
| 7 | +++ bash-4.3/parse.y 2014-09-26 13:11:44.764080056 -0700 | ||
| 8 | @@ -2953,6 +2953,8 @@ | ||
| 9 | FREE (word_desc_to_read); | ||
| 10 | word_desc_to_read = (WORD_DESC *)NULL; | ||
| 11 | |||
| 12 | + eol_ungetc_lookahead = 0; | ||
| 13 | + | ||
| 14 | current_token = '\n'; /* XXX */ | ||
| 15 | last_read_token = '\n'; | ||
| 16 | token_to_read = '\n'; | ||