diff options
| author | Mark Hatle <mark.hatle@windriver.com> | 2014-10-03 09:51:25 -0500 |
|---|---|---|
| committer | Richard Purdie <richard.purdie@linuxfoundation.org> | 2014-10-06 15:15:51 +0100 |
| commit | 94d2fea672140bcd561dc001da5759a927192b93 (patch) | |
| tree | 9518f1a8a088cf149131b0829e3c3f65a99f09a1 /meta/recipes-extended | |
| parent | be2cf13961ef89200f691570c9333e8130126ef9 (diff) | |
| download | poky-94d2fea672140bcd561dc001da5759a927192b93.tar.gz | |
bash: Upgrade bash to latest patch level to fix CVEs
We upgrade bash_4.3 to patch revision 29, and bash_3.2.48 to 56.
There are numerous community bug fixes included with this set, but the key
items are:
bash32-052 CVE-2014-6271 9/24/2014
bash32-053 CVE-2014-7169 9/26/2014
bash32-054 exported function namespace change 9/27/2014
bash32-055 CVE-2014-7186/CVE-2014-7187 10/1/2014
bash32-056 CVE-2014-6277 10/2/2014
bash43-025 CVE-2014-6271 9/24/2014
bash43-026 CVE-2014-7169 9/26/2014
bash43-027 exported function namespace change 9/27/2014
bash43-028 CVE-2014-7186/CVE-2014-7187 10/1/2014
bash43-029 CVE-2014-6277 10/2/2014
(From OE-Core rev: 43deeff0c6b0ea7729d3e5f1887dfd1647dea1da)
Signed-off-by: Mark Hatle <mark.hatle@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Diffstat (limited to 'meta/recipes-extended')
| -rw-r--r-- | meta/recipes-extended/bash/bash-3.2.48/cve-2014-6271.patch | 77 | ||||
| -rw-r--r-- | meta/recipes-extended/bash/bash-3.2.48/cve-2014-7169.patch | 16 | ||||
| -rw-r--r-- | meta/recipes-extended/bash/bash/cve-2014-6271.patch | 114 | ||||
| -rw-r--r-- | meta/recipes-extended/bash/bash/cve-2014-7169.patch | 16 | ||||
| -rw-r--r-- | meta/recipes-extended/bash/bash_3.2.48.bb | 38 | ||||
| -rw-r--r-- | meta/recipes-extended/bash/bash_4.3.bb | 90 |
6 files changed, 112 insertions, 239 deletions
diff --git a/meta/recipes-extended/bash/bash-3.2.48/cve-2014-6271.patch b/meta/recipes-extended/bash/bash-3.2.48/cve-2014-6271.patch deleted file mode 100644 index 7226ffb665..0000000000 --- a/meta/recipes-extended/bash/bash-3.2.48/cve-2014-6271.patch +++ /dev/null | |||
| @@ -1,77 +0,0 @@ | |||
| 1 | Fix CVE-2014-6271, aka ShellShock. | ||
| 2 | |||
| 3 | Upstream-Status: Backport | ||
| 4 | Signed-off-by: Ross Burton <ross.burton@intel.com> | ||
| 5 | |||
| 6 | *** ../bash-3.2.51/builtins/common.h 2006-03-06 09:38:44.000000000 -0500 | ||
| 7 | --- builtins/common.h 2014-09-16 19:08:02.000000000 -0400 | ||
| 8 | *************** | ||
| 9 | *** 34,37 **** | ||
| 10 | --- 34,39 ---- | ||
| 11 | |||
| 12 | /* Flags for describe_command, shared between type.def and command.def */ | ||
| 13 | + #define SEVAL_FUNCDEF 0x080 /* only allow function definitions */ | ||
| 14 | + #define SEVAL_ONECMD 0x100 /* only allow a single command */ | ||
| 15 | #define CDESC_ALL 0x001 /* type -a */ | ||
| 16 | #define CDESC_SHORTDESC 0x002 /* command -V */ | ||
| 17 | *** ../bash-3.2.51/builtins/evalstring.c 2008-11-15 17:47:04.000000000 -0500 | ||
| 18 | --- builtins/evalstring.c 2014-09-16 19:08:02.000000000 -0400 | ||
| 19 | *************** | ||
| 20 | *** 235,238 **** | ||
| 21 | --- 235,246 ---- | ||
| 22 | struct fd_bitmap *bitmap; | ||
| 23 | |||
| 24 | + if ((flags & SEVAL_FUNCDEF) && command->type != cm_function_def) | ||
| 25 | + { | ||
| 26 | + internal_warning ("%s: ignoring function definition attempt", from_file); | ||
| 27 | + should_jump_to_top_level = 0; | ||
| 28 | + last_result = last_command_exit_value = EX_BADUSAGE; | ||
| 29 | + break; | ||
| 30 | + } | ||
| 31 | + | ||
| 32 | bitmap = new_fd_bitmap (FD_BITMAP_SIZE); | ||
| 33 | begin_unwind_frame ("pe_dispose"); | ||
| 34 | *************** | ||
| 35 | *** 292,295 **** | ||
| 36 | --- 300,306 ---- | ||
| 37 | dispose_fd_bitmap (bitmap); | ||
| 38 | discard_unwind_frame ("pe_dispose"); | ||
| 39 | + | ||
| 40 | + if (flags & SEVAL_ONECMD) | ||
| 41 | + break; | ||
| 42 | } | ||
| 43 | } | ||
| 44 | *** ../bash-3.2.51/variables.c 2008-11-15 17:15:06.000000000 -0500 | ||
| 45 | --- variables.c 2014-09-16 19:10:39.000000000 -0400 | ||
| 46 | *************** | ||
| 47 | *** 319,328 **** | ||
| 48 | strcpy (temp_string + char_index + 1, string); | ||
| 49 | |||
| 50 | ! parse_and_execute (temp_string, name, SEVAL_NONINT|SEVAL_NOHIST); | ||
| 51 | ! | ||
| 52 | ! /* Ancient backwards compatibility. Old versions of bash exported | ||
| 53 | ! functions like name()=() {...} */ | ||
| 54 | ! if (name[char_index - 1] == ')' && name[char_index - 2] == '(') | ||
| 55 | ! name[char_index - 2] = '\0'; | ||
| 56 | |||
| 57 | if (temp_var = find_function (name)) | ||
| 58 | --- 319,326 ---- | ||
| 59 | strcpy (temp_string + char_index + 1, string); | ||
| 60 | |||
| 61 | ! /* Don't import function names that are invalid identifiers from the | ||
| 62 | ! environment. */ | ||
| 63 | ! if (legal_identifier (name)) | ||
| 64 | ! parse_and_execute (temp_string, name, SEVAL_NONINT|SEVAL_NOHIST|SEVAL_FUNCDEF|SEVAL_ONECMD); | ||
| 65 | |||
| 66 | if (temp_var = find_function (name)) | ||
| 67 | *************** | ||
| 68 | *** 333,340 **** | ||
| 69 | else | ||
| 70 | report_error (_("error importing function definition for `%s'"), name); | ||
| 71 | - | ||
| 72 | - /* ( */ | ||
| 73 | - if (name[char_index - 1] == ')' && name[char_index - 2] == '\0') | ||
| 74 | - name[char_index - 2] = '('; /* ) */ | ||
| 75 | } | ||
| 76 | #if defined (ARRAY_VARS) | ||
| 77 | --- 331,334 ---- | ||
diff --git a/meta/recipes-extended/bash/bash-3.2.48/cve-2014-7169.patch b/meta/recipes-extended/bash/bash-3.2.48/cve-2014-7169.patch deleted file mode 100644 index 2e734de434..0000000000 --- a/meta/recipes-extended/bash/bash-3.2.48/cve-2014-7169.patch +++ /dev/null | |||
| @@ -1,16 +0,0 @@ | |||
| 1 | Taken from http://www.openwall.com/lists/oss-security/2016/09/25/10 | ||
| 2 | |||
| 3 | Upstream-Status: Backport | ||
| 4 | Index: bash-3.2.48/parse.y | ||
| 5 | =================================================================== | ||
| 6 | --- bash-3.2.48.orig/parse.y 2008-04-29 18:24:55.000000000 -0700 | ||
| 7 | +++ bash-3.2.48/parse.y 2014-09-26 13:07:31.956080056 -0700 | ||
| 8 | @@ -2503,6 +2503,8 @@ | ||
| 9 | FREE (word_desc_to_read); | ||
| 10 | word_desc_to_read = (WORD_DESC *)NULL; | ||
| 11 | |||
| 12 | + eol_ungetc_lookahead = 0; | ||
| 13 | + | ||
| 14 | last_read_token = '\n'; | ||
| 15 | token_to_read = '\n'; | ||
| 16 | } | ||
diff --git a/meta/recipes-extended/bash/bash/cve-2014-6271.patch b/meta/recipes-extended/bash/bash/cve-2014-6271.patch deleted file mode 100644 index d33a5c8f47..0000000000 --- a/meta/recipes-extended/bash/bash/cve-2014-6271.patch +++ /dev/null | |||
| @@ -1,114 +0,0 @@ | |||
| 1 | Fix CVE-2014-6271, aka ShellShock. This is the upstream 4.3 patchlevel 25, minus the hunk to | ||
| 2 | set the patch level. | ||
| 3 | |||
| 4 | Upstream-Status: Backport | ||
| 5 | Signed-off-by: Ross Burton <ross.burton@intel.com> | ||
| 6 | |||
| 7 | BASH PATCH REPORT | ||
| 8 | ================= | ||
| 9 | |||
| 10 | Bash-Release: 4.3 | ||
| 11 | Patch-ID: bash43-025 | ||
| 12 | |||
| 13 | Bug-Reported-by: Stephane Chazelas <stephane.chazelas@gmail.com> | ||
| 14 | Bug-Reference-ID: | ||
| 15 | Bug-Reference-URL: | ||
| 16 | |||
| 17 | Bug-Description: | ||
| 18 | |||
| 19 | Under certain circumstances, bash will execute user code while processing the | ||
| 20 | environment for exported function definitions. | ||
| 21 | |||
| 22 | Patch (apply with `patch -p0'): | ||
| 23 | |||
| 24 | *** ../bash-4.3-patched/builtins/common.h 2013-07-08 16:54:47.000000000 -0400 | ||
| 25 | --- builtins/common.h 2014-09-12 14:25:47.000000000 -0400 | ||
| 26 | *************** | ||
| 27 | *** 34,37 **** | ||
| 28 | --- 49,54 ---- | ||
| 29 | #define SEVAL_PARSEONLY 0x020 | ||
| 30 | #define SEVAL_NOLONGJMP 0x040 | ||
| 31 | + #define SEVAL_FUNCDEF 0x080 /* only allow function definitions */ | ||
| 32 | + #define SEVAL_ONECMD 0x100 /* only allow a single command */ | ||
| 33 | |||
| 34 | /* Flags for describe_command, shared between type.def and command.def */ | ||
| 35 | *** ../bash-4.3-patched/builtins/evalstring.c 2014-02-11 09:42:10.000000000 -0500 | ||
| 36 | --- builtins/evalstring.c 2014-09-14 14:15:13.000000000 -0400 | ||
| 37 | *************** | ||
| 38 | *** 309,312 **** | ||
| 39 | --- 313,324 ---- | ||
| 40 | struct fd_bitmap *bitmap; | ||
| 41 | |||
| 42 | + if ((flags & SEVAL_FUNCDEF) && command->type != cm_function_def) | ||
| 43 | + { | ||
| 44 | + internal_warning ("%s: ignoring function definition attempt", from_file); | ||
| 45 | + should_jump_to_top_level = 0; | ||
| 46 | + last_result = last_command_exit_value = EX_BADUSAGE; | ||
| 47 | + break; | ||
| 48 | + } | ||
| 49 | + | ||
| 50 | bitmap = new_fd_bitmap (FD_BITMAP_SIZE); | ||
| 51 | begin_unwind_frame ("pe_dispose"); | ||
| 52 | *************** | ||
| 53 | *** 369,372 **** | ||
| 54 | --- 381,387 ---- | ||
| 55 | dispose_fd_bitmap (bitmap); | ||
| 56 | discard_unwind_frame ("pe_dispose"); | ||
| 57 | + | ||
| 58 | + if (flags & SEVAL_ONECMD) | ||
| 59 | + break; | ||
| 60 | } | ||
| 61 | } | ||
| 62 | *** ../bash-4.3-patched/variables.c 2014-05-15 08:26:50.000000000 -0400 | ||
| 63 | --- variables.c 2014-09-14 14:23:35.000000000 -0400 | ||
| 64 | *************** | ||
| 65 | *** 359,369 **** | ||
| 66 | strcpy (temp_string + char_index + 1, string); | ||
| 67 | |||
| 68 | ! if (posixly_correct == 0 || legal_identifier (name)) | ||
| 69 | ! parse_and_execute (temp_string, name, SEVAL_NONINT|SEVAL_NOHIST); | ||
| 70 | ! | ||
| 71 | ! /* Ancient backwards compatibility. Old versions of bash exported | ||
| 72 | ! functions like name()=() {...} */ | ||
| 73 | ! if (name[char_index - 1] == ')' && name[char_index - 2] == '(') | ||
| 74 | ! name[char_index - 2] = '\0'; | ||
| 75 | |||
| 76 | if (temp_var = find_function (name)) | ||
| 77 | --- 364,372 ---- | ||
| 78 | strcpy (temp_string + char_index + 1, string); | ||
| 79 | |||
| 80 | ! /* Don't import function names that are invalid identifiers from the | ||
| 81 | ! environment, though we still allow them to be defined as shell | ||
| 82 | ! variables. */ | ||
| 83 | ! if (legal_identifier (name)) | ||
| 84 | ! parse_and_execute (temp_string, name, SEVAL_NONINT|SEVAL_NOHIST|SEVAL_FUNCDEF|SEVAL_ONECMD); | ||
| 85 | |||
| 86 | if (temp_var = find_function (name)) | ||
| 87 | *************** | ||
| 88 | *** 382,389 **** | ||
| 89 | report_error (_("error importing function definition for `%s'"), name); | ||
| 90 | } | ||
| 91 | - | ||
| 92 | - /* ( */ | ||
| 93 | - if (name[char_index - 1] == ')' && name[char_index - 2] == '\0') | ||
| 94 | - name[char_index - 2] = '('; /* ) */ | ||
| 95 | } | ||
| 96 | #if defined (ARRAY_VARS) | ||
| 97 | --- 385,388 ---- | ||
| 98 | *** ../bash-4.3-patched/subst.c 2014-08-11 11:16:35.000000000 -0400 | ||
| 99 | --- subst.c 2014-09-12 15:31:04.000000000 -0400 | ||
| 100 | *************** | ||
| 101 | *** 8048,8052 **** | ||
| 102 | goto return0; | ||
| 103 | } | ||
| 104 | ! else if (var = find_variable_last_nameref (temp1)) | ||
| 105 | { | ||
| 106 | temp = nameref_cell (var); | ||
| 107 | --- 8118,8124 ---- | ||
| 108 | goto return0; | ||
| 109 | } | ||
| 110 | ! else if (var && (invisible_p (var) || var_isset (var) == 0)) | ||
| 111 | ! temp = (char *)NULL; | ||
| 112 | ! else if ((var = find_variable_last_nameref (temp1)) && var_isset (var) && invisible_p (var) == 0) | ||
| 113 | { | ||
| 114 | temp = nameref_cell (var); | ||
diff --git a/meta/recipes-extended/bash/bash/cve-2014-7169.patch b/meta/recipes-extended/bash/bash/cve-2014-7169.patch deleted file mode 100644 index 3c69121767..0000000000 --- a/meta/recipes-extended/bash/bash/cve-2014-7169.patch +++ /dev/null | |||
| @@ -1,16 +0,0 @@ | |||
| 1 | Taken from http://www.openwall.com/lists/oss-security/2016/09/25/10 | ||
| 2 | |||
| 3 | Upstream-Status: Backport | ||
| 4 | Index: bash-4.3/parse.y | ||
| 5 | =================================================================== | ||
| 6 | --- bash-4.3.orig/parse.y 2014-09-26 13:10:44.340080056 -0700 | ||
| 7 | +++ bash-4.3/parse.y 2014-09-26 13:11:44.764080056 -0700 | ||
| 8 | @@ -2953,6 +2953,8 @@ | ||
| 9 | FREE (word_desc_to_read); | ||
| 10 | word_desc_to_read = (WORD_DESC *)NULL; | ||
| 11 | |||
| 12 | + eol_ungetc_lookahead = 0; | ||
| 13 | + | ||
| 14 | current_token = '\n'; /* XXX */ | ||
| 15 | last_read_token = '\n'; | ||
| 16 | token_to_read = '\n'; | ||
diff --git a/meta/recipes-extended/bash/bash_3.2.48.bb b/meta/recipes-extended/bash/bash_3.2.48.bb index e6a04cd888..77f251409e 100644 --- a/meta/recipes-extended/bash/bash_3.2.48.bb +++ b/meta/recipes-extended/bash/bash_3.2.48.bb | |||
| @@ -6,25 +6,35 @@ LIC_FILES_CHKSUM = "file://COPYING;md5=fd5d9bcabd8ed5a54a01ce8d183d592a" | |||
| 6 | PR = "r11" | 6 | PR = "r11" |
| 7 | 7 | ||
| 8 | SRC_URI = "${GNU_MIRROR}/bash/bash-${PV}.tar.gz;name=tarball \ | 8 | SRC_URI = "${GNU_MIRROR}/bash/bash-${PV}.tar.gz;name=tarball \ |
| 9 | ${GNU_MIRROR}/bash/bash-3.2-patches/bash32-049;apply=yes;striplevel=0;name=patch001 \ | 9 | ${GNU_MIRROR}/bash/bash-3.2-patches/bash32-049;apply=yes;striplevel=0;name=patch049 \ |
| 10 | ${GNU_MIRROR}/bash/bash-3.2-patches/bash32-050;apply=yes;striplevel=0;name=patch002 \ | 10 | ${GNU_MIRROR}/bash/bash-3.2-patches/bash32-050;apply=yes;striplevel=0;name=patch050 \ |
| 11 | ${GNU_MIRROR}/bash/bash-3.2-patches/bash32-051;apply=yes;striplevel=0;name=patch003 \ | 11 | ${GNU_MIRROR}/bash/bash-3.2-patches/bash32-051;apply=yes;striplevel=0;name=patch051 \ |
| 12 | ${GNU_MIRROR}/bash/bash-3.2-patches/bash32-052;apply=yes;striplevel=0;name=patch052 \ | ||
| 13 | ${GNU_MIRROR}/bash/bash-3.2-patches/bash32-053;apply=yes;striplevel=0;name=patch053 \ | ||
| 14 | ${GNU_MIRROR}/bash/bash-3.2-patches/bash32-054;apply=yes;striplevel=0;name=patch054 \ | ||
| 15 | ${GNU_MIRROR}/bash/bash-3.2-patches/bash32-055;apply=yes;striplevel=0;name=patch055 \ | ||
| 16 | ${GNU_MIRROR}/bash/bash-3.2-patches/bash32-056;apply=yes;striplevel=0;name=patch056 \ | ||
| 12 | file://mkbuiltins_have_stringize.patch \ | 17 | file://mkbuiltins_have_stringize.patch \ |
| 13 | file://build-tests.patch \ | 18 | file://build-tests.patch \ |
| 14 | file://test-output.patch \ | 19 | file://test-output.patch \ |
| 15 | file://cve-2014-6271.patch;striplevel=0 \ | ||
| 16 | file://cve-2014-7169.patch \ | ||
| 17 | file://run-ptest \ | 20 | file://run-ptest \ |
| 18 | " | 21 | " |
| 19 | 22 | ||
| 20 | SRC_URI[tarball.md5sum] = "338dcf975a93640bb3eaa843ca42e3f8" | 23 | SRC_URI[tarball.md5sum] = "338dcf975a93640bb3eaa843ca42e3f8" |
| 21 | SRC_URI[tarball.sha256sum] = "128d281bd5682ba5f6953122915da71976357d7a76490d266c9173b1d0426348" | 24 | SRC_URI[tarball.sha256sum] = "128d281bd5682ba5f6953122915da71976357d7a76490d266c9173b1d0426348" |
| 22 | SRC_URI[patch001.md5sum] = "af571a2d164d5abdcae4499e94e8892c" | 25 | SRC_URI[patch049.md5sum] = "af571a2d164d5abdcae4499e94e8892c" |
| 23 | SRC_URI[patch001.sha256sum] = "b1217ed94bdb95dc878fa5cabbf8a164435eb0d9da23a392198f48566ee34a2f" | 26 | SRC_URI[patch049.sha256sum] = "b1217ed94bdb95dc878fa5cabbf8a164435eb0d9da23a392198f48566ee34a2f" |
| 24 | SRC_URI[patch002.md5sum] = "8443d4385d73ec835abe401d90591377" | 27 | SRC_URI[patch050.md5sum] = "8443d4385d73ec835abe401d90591377" |
| 25 | SRC_URI[patch002.sha256sum] = "081bb03c580ecee63ba03b40beb3caf509eca29515b2e8dd3c078503609a1642" | 28 | SRC_URI[patch050.sha256sum] = "081bb03c580ecee63ba03b40beb3caf509eca29515b2e8dd3c078503609a1642" |
| 26 | SRC_URI[patch003.md5sum] = "15c6653042e9814aa87120098fc7a849" | 29 | SRC_URI[patch051.md5sum] = "15c6653042e9814aa87120098fc7a849" |
| 27 | SRC_URI[patch003.sha256sum] = "354886097cd95b4def77028f32ee01e2e088d58a98184fede9d3ce9320e218ef" | 30 | SRC_URI[patch051.sha256sum] = "354886097cd95b4def77028f32ee01e2e088d58a98184fede9d3ce9320e218ef" |
| 28 | 31 | SRC_URI[patch052.md5sum] = "691023a944bbb9003cc92ad462d91fa1" | |
| 29 | SRC_URI[md5sum] = "338dcf975a93640bb3eaa843ca42e3f8" | 32 | SRC_URI[patch052.sha256sum] = "a0eccf9ceda50871db10d21efdd74b99e35efbd55c970c400eeade012816bb61" |
| 30 | SRC_URI[sha256sum] = "128d281bd5682ba5f6953122915da71976357d7a76490d266c9173b1d0426348" | 33 | SRC_URI[patch053.md5sum] = "eb97d1c9230a55283d9dac69d3de2e46" |
| 34 | SRC_URI[patch053.sha256sum] = "fe6f0e96e0b966eaed9fb5e930ca12891f4380f30f9e0a773d200ff2063a864e" | ||
| 35 | SRC_URI[patch054.md5sum] = "1107744058c43b247f597584b88ba0a6" | ||
| 36 | SRC_URI[patch054.sha256sum] = "c6dab911e85688c542ce75afc175dbb4e5011de5102758e19a4a80dac1e79359" | ||
| 37 | SRC_URI[patch055.md5sum] = "05d201176d3499e2dfa4a73d09d42f05" | ||
| 38 | SRC_URI[patch055.sha256sum] = "c0e816700837942ed548da74e5917f74b70cbbbb10c9f2caf73e8e06a0713d0a" | ||
| 39 | SRC_URI[patch056.md5sum] = "222eaa3a2c26f54a15aa5e08817a534a" | ||
| 40 | SRC_URI[patch056.sha256sum] = "063a8d8d74e4407bf07a32b965b8ef6d213a66abdb6af26cc3584a437a56bbb4" | ||
diff --git a/meta/recipes-extended/bash/bash_4.3.bb b/meta/recipes-extended/bash/bash_4.3.bb index 69ddeccd35..9e5b3deeb2 100644 --- a/meta/recipes-extended/bash/bash_4.3.bb +++ b/meta/recipes-extended/bash/bash_4.3.bb | |||
| @@ -5,16 +5,102 @@ LICENSE = "GPLv3+" | |||
| 5 | LIC_FILES_CHKSUM = "file://COPYING;md5=d32239bcb673463ab874e80d47fae504" | 5 | LIC_FILES_CHKSUM = "file://COPYING;md5=d32239bcb673463ab874e80d47fae504" |
| 6 | 6 | ||
| 7 | SRC_URI = "${GNU_MIRROR}/bash/${BPN}-${PV}.tar.gz;name=tarball \ | 7 | SRC_URI = "${GNU_MIRROR}/bash/${BPN}-${PV}.tar.gz;name=tarball \ |
| 8 | ${GNU_MIRROR}/bash/bash-4.3-patches/bash43-001;apply=yes;striplevel=0;name=patch001 \ | ||
| 9 | ${GNU_MIRROR}/bash/bash-4.3-patches/bash43-002;apply=yes;striplevel=0;name=patch002 \ | ||
| 10 | ${GNU_MIRROR}/bash/bash-4.3-patches/bash43-003;apply=yes;striplevel=0;name=patch003 \ | ||
| 11 | ${GNU_MIRROR}/bash/bash-4.3-patches/bash43-004;apply=yes;striplevel=0;name=patch004 \ | ||
| 12 | ${GNU_MIRROR}/bash/bash-4.3-patches/bash43-005;apply=yes;striplevel=0;name=patch005 \ | ||
| 13 | ${GNU_MIRROR}/bash/bash-4.3-patches/bash43-006;apply=yes;striplevel=0;name=patch006 \ | ||
| 14 | ${GNU_MIRROR}/bash/bash-4.3-patches/bash43-007;apply=yes;striplevel=0;name=patch007 \ | ||
| 15 | ${GNU_MIRROR}/bash/bash-4.3-patches/bash43-008;apply=yes;striplevel=0;name=patch008 \ | ||
| 16 | ${GNU_MIRROR}/bash/bash-4.3-patches/bash43-009;apply=yes;striplevel=0;name=patch009 \ | ||
| 17 | ${GNU_MIRROR}/bash/bash-4.3-patches/bash43-010;apply=yes;striplevel=0;name=patch010 \ | ||
| 18 | ${GNU_MIRROR}/bash/bash-4.3-patches/bash43-011;apply=yes;striplevel=0;name=patch011 \ | ||
| 19 | ${GNU_MIRROR}/bash/bash-4.3-patches/bash43-012;apply=yes;striplevel=0;name=patch012 \ | ||
| 20 | ${GNU_MIRROR}/bash/bash-4.3-patches/bash43-013;apply=yes;striplevel=0;name=patch013 \ | ||
| 21 | ${GNU_MIRROR}/bash/bash-4.3-patches/bash43-014;apply=yes;striplevel=0;name=patch014 \ | ||
| 22 | ${GNU_MIRROR}/bash/bash-4.3-patches/bash43-015;apply=yes;striplevel=0;name=patch015 \ | ||
| 23 | ${GNU_MIRROR}/bash/bash-4.3-patches/bash43-016;apply=yes;striplevel=0;name=patch016 \ | ||
| 24 | ${GNU_MIRROR}/bash/bash-4.3-patches/bash43-017;apply=yes;striplevel=0;name=patch017 \ | ||
| 25 | ${GNU_MIRROR}/bash/bash-4.3-patches/bash43-018;apply=yes;striplevel=0;name=patch018 \ | ||
| 26 | ${GNU_MIRROR}/bash/bash-4.3-patches/bash43-019;apply=yes;striplevel=0;name=patch019 \ | ||
| 27 | ${GNU_MIRROR}/bash/bash-4.3-patches/bash43-020;apply=yes;striplevel=0;name=patch020 \ | ||
| 28 | ${GNU_MIRROR}/bash/bash-4.3-patches/bash43-021;apply=yes;striplevel=0;name=patch021 \ | ||
| 29 | ${GNU_MIRROR}/bash/bash-4.3-patches/bash43-022;apply=yes;striplevel=0;name=patch022 \ | ||
| 30 | ${GNU_MIRROR}/bash/bash-4.3-patches/bash43-023;apply=yes;striplevel=0;name=patch023 \ | ||
| 31 | ${GNU_MIRROR}/bash/bash-4.3-patches/bash43-024;apply=yes;striplevel=0;name=patch024 \ | ||
| 32 | ${GNU_MIRROR}/bash/bash-4.3-patches/bash43-025;apply=yes;striplevel=0;name=patch025 \ | ||
| 33 | ${GNU_MIRROR}/bash/bash-4.3-patches/bash43-026;apply=yes;striplevel=0;name=patch026 \ | ||
| 34 | ${GNU_MIRROR}/bash/bash-4.3-patches/bash43-027;apply=yes;striplevel=0;name=patch027 \ | ||
| 35 | ${GNU_MIRROR}/bash/bash-4.3-patches/bash43-028;apply=yes;striplevel=0;name=patch028 \ | ||
| 36 | ${GNU_MIRROR}/bash/bash-4.3-patches/bash43-029;apply=yes;striplevel=0;name=patch029 \ | ||
| 8 | file://execute_cmd.patch;striplevel=0 \ | 37 | file://execute_cmd.patch;striplevel=0 \ |
| 9 | file://mkbuiltins_have_stringize.patch \ | 38 | file://mkbuiltins_have_stringize.patch \ |
| 10 | file://build-tests.patch \ | 39 | file://build-tests.patch \ |
| 11 | file://test-output.patch \ | 40 | file://test-output.patch \ |
| 12 | file://cve-2014-6271.patch;striplevel=0 \ | ||
| 13 | file://cve-2014-7169.patch \ | ||
| 14 | file://run-ptest \ | 41 | file://run-ptest \ |
| 15 | " | 42 | " |
| 16 | 43 | ||
| 17 | SRC_URI[tarball.md5sum] = "81348932d5da294953e15d4814c74dd1" | 44 | SRC_URI[tarball.md5sum] = "81348932d5da294953e15d4814c74dd1" |
| 18 | SRC_URI[tarball.sha256sum] = "afc687a28e0e24dc21b988fa159ff9dbcf6b7caa92ade8645cc6d5605cd024d4" | 45 | SRC_URI[tarball.sha256sum] = "afc687a28e0e24dc21b988fa159ff9dbcf6b7caa92ade8645cc6d5605cd024d4" |
| 19 | 46 | ||
| 47 | SRC_URI[patch001.md5sum] = "1ab682b4e36afa4cf1b426aa7ac81c0d" | ||
| 48 | SRC_URI[patch001.sha256sum] = "ecb3dff2648667513e31554b3ad054ccd89fce38e33367c9459ac3a285153742" | ||
| 49 | SRC_URI[patch002.md5sum] = "8fc22cf50ec85da00f6af3d66f7ddc1b" | ||
| 50 | SRC_URI[patch002.sha256sum] = "eee7cd7062ab29a9e4f02924d9c367264dcb8b162703f74ff6eb8f175a91502b" | ||
| 51 | SRC_URI[patch003.md5sum] = "a41728eca78858758e26b5dea64ae506" | ||
| 52 | SRC_URI[patch003.sha256sum] = "000e6eac50cd9053ce0630db01239dcdead04a2c2c351c47e2b51dac1ac1087d" | ||
| 53 | SRC_URI[patch004.md5sum] = "bf8d53d227829d67235927689a03cc7a" | ||
| 54 | SRC_URI[patch004.sha256sum] = "5ea0a42c6506720d26e6d3c5c358e9a0d49f6f189d69a8ed34d5935964821338" | ||
| 55 | SRC_URI[patch005.md5sum] = "c0c00935c8b8ffff76e8ab77e7be7d15" | ||
| 56 | SRC_URI[patch005.sha256sum] = "1ac83044032b9f5f11aeca8a344ae3c524ec2156185d3adbb8ad3e7a165aa3fa" | ||
| 57 | SRC_URI[patch006.md5sum] = "6f01e364cd092faa28dd7119f47ddb5f" | ||
| 58 | SRC_URI[patch006.sha256sum] = "a0648ee72d15e4a90c8b77a5c6b19f8d89e28c1bc881657d22fe26825f040213" | ||
| 59 | SRC_URI[patch007.md5sum] = "dcf471d222bcd83283d3094e6ceeb6f8" | ||
| 60 | SRC_URI[patch007.sha256sum] = "1113e321c59cf6a8648a36245bbe4217cf8acf948d71e67886dad7d486f8f3a3" | ||
| 61 | SRC_URI[patch008.md5sum] = "f7553416646dc26c266454c78a916d36" | ||
| 62 | SRC_URI[patch008.sha256sum] = "9941a98a4987192cc5ce3d45afe879983cad2f0bec96d441a4edd9033767f95e" | ||
| 63 | SRC_URI[patch009.md5sum] = "7e73d2151f4064b484a4ba2c4b09960e" | ||
| 64 | SRC_URI[patch009.sha256sum] = "c0226d6728946b2f53cdebf090bcd1c01627f01fee03295768605caa80bb40a5" | ||
| 65 | SRC_URI[patch010.md5sum] = "a275463d21735bb6d7161f9fbd320d8f" | ||
| 66 | SRC_URI[patch010.sha256sum] = "ce05799c0137314c70c7b6ea0477c90e1ac1d52e113344be8e32fa5a55c9f0b7" | ||
| 67 | SRC_URI[patch011.md5sum] = "c17103ee20420d77e46b224c8d3fceda" | ||
| 68 | SRC_URI[patch011.sha256sum] = "7c63402cdbc004a210f6c1c527b63b13d8bb9ec9c5a43d5c464a9010ff6f7f3b" | ||
| 69 | SRC_URI[patch012.md5sum] = "3e2a057a19d02b3f92a3a09eacbc03ae" | ||
| 70 | SRC_URI[patch012.sha256sum] = "3e1379030b35fbcf314e9e7954538cf4b43be1507142b29efae39eef997b8c12" | ||
| 71 | SRC_URI[patch013.md5sum] = "fb377143a996d4ff087a2771bc8332f9" | ||
| 72 | SRC_URI[patch013.sha256sum] = "bfa8ca5336ab1f5ef988434a4bdedf71604aa8a3659636afa2ce7c7446c42c79" | ||
| 73 | SRC_URI[patch014.md5sum] = "1a1aaecc99a9d0cbc310e8e247dcc8b6" | ||
| 74 | SRC_URI[patch014.sha256sum] = "5a4d6fa2365b6eb725a9d4966248b5edf7630a4aeb3fa8d526b877972658ac13" | ||
| 75 | SRC_URI[patch015.md5sum] = "4f04387458a3c1b4d460d199f49991a8" | ||
| 76 | SRC_URI[patch015.sha256sum] = "13293e8a24e003a44d7fe928c6b1e07b444511bed2d9406407e006df28355e8d" | ||
| 77 | SRC_URI[patch016.md5sum] = "90e759709720c4f877525bebc9d5dc06" | ||
| 78 | SRC_URI[patch016.sha256sum] = "92d60bcf49f61bd7f1ccb9602bead6f2c9946d79dea0e5ec0589bb3bfa5e0773" | ||
| 79 | SRC_URI[patch017.md5sum] = "11e4046e1b86070f6adbb7ffc89641be" | ||
| 80 | SRC_URI[patch017.sha256sum] = "1267c25c6b5ba57042a7bb6c569a6de02ffd0d29530489a16666c3b8a23e7780" | ||
| 81 | SRC_URI[patch018.md5sum] = "cd5a9b46f5bea0dc0248c93c7dfac011" | ||
| 82 | SRC_URI[patch018.sha256sum] = "7aa8b40a9e973931719d8cc72284a8fb3292b71b522db57a5a79052f021a3d58" | ||
| 83 | SRC_URI[patch019.md5sum] = "cff4dc024d9d3456888aaaf8a36ca774" | ||
| 84 | SRC_URI[patch019.sha256sum] = "a7a91475228015d676cafa86d2d7aa9c5d2139aa51485b6bbdebfdfbcf0d2d23" | ||
| 85 | SRC_URI[patch020.md5sum] = "167839c5f147347f4a03d88ab97ff787" | ||
| 86 | SRC_URI[patch020.sha256sum] = "ca5e86d87f178128641fe91f2f094875b8c1eb2de9e0d2e9154f5d5cc0336c98" | ||
| 87 | SRC_URI[patch021.md5sum] = "1d350671c48dec30b34d8b81f09cd79d" | ||
| 88 | SRC_URI[patch021.sha256sum] = "41439f06883e6bd11c591d9d5e9ae08afbc2abd4b935e1d244b08100076520a9" | ||
| 89 | SRC_URI[patch022.md5sum] = "11c349af66a55481a3215ef2520bec36" | ||
| 90 | SRC_URI[patch022.sha256sum] = "fd4d47bb95c65863f634c4706c65e1e3bae4ee8460c72045c0a0618689061a88" | ||
| 91 | SRC_URI[patch023.md5sum] = "b3cb0d80fd0c47728264405cbb3b23c7" | ||
| 92 | SRC_URI[patch023.sha256sum] = "9ac250c7397a8f53dbc84dfe790d2a418fbf1fe090bcece39b4a5c84a2d300d4" | ||
| 93 | SRC_URI[patch024.md5sum] = "b5ea5600942acceb4b6f07313d2de74e" | ||
| 94 | SRC_URI[patch024.sha256sum] = "3b505882a0a6090667d75824fc919524cd44cc3bd89dd08b7c4e622d3f960f6c" | ||
| 95 | SRC_URI[patch025.md5sum] = "193c06f578d38ffdbaebae9c51a7551f" | ||
| 96 | SRC_URI[patch025.sha256sum] = "1e5186f5c4a619bb134a1177d9e9de879f3bb85d9c5726832b03a762a2499251" | ||
| 97 | SRC_URI[patch026.md5sum] = "922578e2be7ed03729454e92ee8d3f3a" | ||
| 98 | SRC_URI[patch026.sha256sum] = "2ecc12201b3ba4273b63af4e9aad2305168cf9babf6d11152796db08724c214d" | ||
| 99 | SRC_URI[patch027.md5sum] = "8ff6948b16f2db5c29b1b9ae1085bbe7" | ||
| 100 | SRC_URI[patch027.sha256sum] = "1eb76ad28561d27f7403ff3c76a36e932928a4b58a01b868d663c165f076dabe" | ||
| 101 | SRC_URI[patch028.md5sum] = "dd51fa67913b5dca45a702b672b3323f" | ||
| 102 | SRC_URI[patch028.sha256sum] = "e8b0dbed4724fa7b9bd8ff77d12c7f03da0fbfc5f8251ef5cb8511eb082b469d" | ||
| 103 | SRC_URI[patch029.md5sum] = "0729364c977ef4271e9f8dfafadacf67" | ||
| 104 | SRC_URI[patch029.sha256sum] = "4cc4a397fe6bc63ecb97d030a4e44258ef2d4e076d0e90c77782968cc43d6292" | ||
| 105 | |||
| 20 | BBCLASSEXTEND = "nativesdk" | 106 | BBCLASSEXTEND = "nativesdk" |