summaryrefslogtreecommitdiffstats
path: root/meta/recipes-extended/bash
diff options
context:
space:
mode:
authorKhem Raj <raj.khem@gmail.com>2014-09-26 13:21:19 -0700
committerRichard Purdie <richard.purdie@linuxfoundation.org>2014-09-29 12:13:35 +0100
commitd6709b013364737bec7d59edd949db3891a6a8fa (patch)
treedaff7ce3a9bbf753d2aa7d1d9962de1ea6d8daa3 /meta/recipes-extended/bash
parentcab81b3418922aac3fc18df6eea025345e873d7c (diff)
downloadpoky-d6709b013364737bec7d59edd949db3891a6a8fa.tar.gz
bash: Fix CVE-2014-7169
This is a followup patch to incomplete CVE-2014-6271 fix code execution via specially-crafted environment Change-Id: Ibb0a587ee6e09b8174e92d005356e822ad40d4ed (From OE-Core rev: 76a2d6b83472995edbe967aed80f0fcbb784b3fc) Signed-off-by: Khem Raj <raj.khem@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Diffstat (limited to 'meta/recipes-extended/bash')
-rw-r--r--meta/recipes-extended/bash/bash-3.2.48/cve-2014-7169.patch16
-rw-r--r--meta/recipes-extended/bash/bash/cve-2014-7169.patch16
-rw-r--r--meta/recipes-extended/bash/bash_3.2.48.bb1
-rw-r--r--meta/recipes-extended/bash/bash_4.3.bb1
4 files changed, 34 insertions, 0 deletions
diff --git a/meta/recipes-extended/bash/bash-3.2.48/cve-2014-7169.patch b/meta/recipes-extended/bash/bash-3.2.48/cve-2014-7169.patch
new file mode 100644
index 0000000000..2e734de434
--- /dev/null
+++ b/meta/recipes-extended/bash/bash-3.2.48/cve-2014-7169.patch
@@ -0,0 +1,16 @@
1Taken from http://www.openwall.com/lists/oss-security/2016/09/25/10
2
3Upstream-Status: Backport
4Index: bash-3.2.48/parse.y
5===================================================================
6--- bash-3.2.48.orig/parse.y 2008-04-29 18:24:55.000000000 -0700
7+++ bash-3.2.48/parse.y 2014-09-26 13:07:31.956080056 -0700
8@@ -2503,6 +2503,8 @@
9 FREE (word_desc_to_read);
10 word_desc_to_read = (WORD_DESC *)NULL;
11
12+ eol_ungetc_lookahead = 0;
13+
14 last_read_token = '\n';
15 token_to_read = '\n';
16 }
diff --git a/meta/recipes-extended/bash/bash/cve-2014-7169.patch b/meta/recipes-extended/bash/bash/cve-2014-7169.patch
new file mode 100644
index 0000000000..3c69121767
--- /dev/null
+++ b/meta/recipes-extended/bash/bash/cve-2014-7169.patch
@@ -0,0 +1,16 @@
1Taken from http://www.openwall.com/lists/oss-security/2016/09/25/10
2
3Upstream-Status: Backport
4Index: bash-4.3/parse.y
5===================================================================
6--- bash-4.3.orig/parse.y 2014-09-26 13:10:44.340080056 -0700
7+++ bash-4.3/parse.y 2014-09-26 13:11:44.764080056 -0700
8@@ -2953,6 +2953,8 @@
9 FREE (word_desc_to_read);
10 word_desc_to_read = (WORD_DESC *)NULL;
11
12+ eol_ungetc_lookahead = 0;
13+
14 current_token = '\n'; /* XXX */
15 last_read_token = '\n';
16 token_to_read = '\n';
diff --git a/meta/recipes-extended/bash/bash_3.2.48.bb b/meta/recipes-extended/bash/bash_3.2.48.bb
index 5849ed0169..e6a04cd888 100644
--- a/meta/recipes-extended/bash/bash_3.2.48.bb
+++ b/meta/recipes-extended/bash/bash_3.2.48.bb
@@ -13,6 +13,7 @@ SRC_URI = "${GNU_MIRROR}/bash/bash-${PV}.tar.gz;name=tarball \
13 file://build-tests.patch \ 13 file://build-tests.patch \
14 file://test-output.patch \ 14 file://test-output.patch \
15 file://cve-2014-6271.patch;striplevel=0 \ 15 file://cve-2014-6271.patch;striplevel=0 \
16 file://cve-2014-7169.patch \
16 file://run-ptest \ 17 file://run-ptest \
17 " 18 "
18 19
diff --git a/meta/recipes-extended/bash/bash_4.3.bb b/meta/recipes-extended/bash/bash_4.3.bb
index febaf338fa..69ddeccd35 100644
--- a/meta/recipes-extended/bash/bash_4.3.bb
+++ b/meta/recipes-extended/bash/bash_4.3.bb
@@ -10,6 +10,7 @@ SRC_URI = "${GNU_MIRROR}/bash/${BPN}-${PV}.tar.gz;name=tarball \
10 file://build-tests.patch \ 10 file://build-tests.patch \
11 file://test-output.patch \ 11 file://test-output.patch \
12 file://cve-2014-6271.patch;striplevel=0 \ 12 file://cve-2014-6271.patch;striplevel=0 \
13 file://cve-2014-7169.patch \
13 file://run-ptest \ 14 file://run-ptest \
14 " 15 "
15 16