bash: fix CVE-2014-6271 - linux/poky.git - Mirror of git.yoctoproject.org/poky

diff options

author	Ross Burton <ross.burton@intel.com>	2014-10-02 11:31:54 +0100
committer	Richard Purdie <richard.purdie@linuxfoundation.org>	2014-10-16 16:05:55 +0200
commit	c78877b07e137f467e7feb18e15fa06400f30881 (patch)
tree	b2fe17d290ef94f4cbcd354e8680ac52c3b88277 /meta/recipes-extended/bash/bash-4.2/cve-2014-7169.patch
parent	02037d7daa1a24aecccc527a1ee6e78e1ed7c9dd (diff)
download	poky-c78877b07e137f467e7feb18e15fa06400f30881.tar.gz

bash: fix CVE-2014-6271

CVE-2014-6271 aka ShellShock. "GNU Bash through 4.3 processes trailing strings after function definitions in the values of environment variables, which allows remote attackers to execute arbitrary code via a crafted environment." (From OE-Core master rev: 798d833c9d4bd9ab287fa86b85b4d5f128170ed3) (From OE-Core rev: d57b9ce8bb97f88c329da973c3567d04d8eb07d2) Signed-off-by: Ross Burton <ross.burton@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> Signed-off-by: Robert Yang <liezhi.yang@windriver.com> Signed-off-by: Paul Eggleton <paul.eggleton@linux.intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>

Diffstat (limited to 'meta/recipes-extended/bash/bash-4.2/cve-2014-7169.patch')

0 files changed, 0 insertions, 0 deletions


context:
space:
mode: