summaryrefslogtreecommitdiffstats
path: root/meta/recipes-extended/bash/bash
Commit message (Collapse)AuthorAgeFilesLines
* bash: Security fix CVE-2016-0634Sona Sarmadi2016-11-081-0/+136
| | | | | | | | | | | | References to upstream patch: https://ftp.gnu.org/pub/gnu/bash/bash-4.3-patches/bash43-047 http://openwall.com/lists/oss-security/2016/09/16/8 (From OE-Core rev: 24455c63494b7030b8a337f0dad98687d15d9ce6) Signed-off-by: Sona Sarmadi <sona.sarmadi@enea.com> Signed-off-by: Armin Kuster <akuster808@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* bash: fixed ptest run-builtins failedDengke Du2016-06-291-0/+33
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | 1. redirect the stderr output of the command exec with -l option to /dev/null. Because when we run command exec with -l option in builtins.tests, it is a login shell, so it would read the file /etc/profile, that file executes the /usr/bin/resize which added by commit: cc6360f4c4d97e0000f9d3545f381224ee99ce7d The /usr/bin/resize is produced by busybox that source code resize.c contains: fprintf(stderr, ESC"7" ESC"[r" ESC"[999;999H" ESC"[6n"); In the end, it outputs an escape sequence to the stderr, so when we compare the test output file /tmp/xx with builtins.right, it failed. we need to redirect the stderr output to the /dev/null to solve the problem. 2. ensure the target system contains the locales "en_US.UTF-8". Because when run the run-builtins, it executes the source5.sub file that contain: LC_ALL=en_US.UTF-8 such as add the following to the local.conf: IMAGE_LINGUAS_append = " en-us" (From OE-Core rev: 5f82f3df7d4a7d6ae9a1ea3b6bc1d620a3d6c329) (From OE-Core rev: 7107b7832a98c311f5020513229b091be6c4f769) Signed-off-by: Dengke Du <dengke.du@windriver.com> Signed-off-by: Ross Burton <ross.burton@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> Signed-off-by: Armin Kuster <akuster@mvista.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* bash: fix testcase run-coproc/run-execscript/run-test/run-heredoc failedHongxu Jia2015-12-122-1/+170
| | | | | | | | | | | | | | | | | | | | | Add user 'test' to fix the failure of 'the test suite should not be run as root'(run-execscript and run-test) Backport test case from git://git.sv.gnu.org/bash.git to fix run-execscript and run-heredoc Still failed cases: FAIL: run-intl FAIL: run-lastpipe FAIL: run-trap YOCTO: 5698 (From OE-Core rev: 1096140cb1d2532ecb38ac5fbbbe13d40fdaf6af) Signed-off-by: Hongxu Jia <hongxu.jia@windriver.com> Signed-off-by: Ross Burton <ross.burton@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* bash: append srcdir to run-ptest scriptAjay M2015-08-161-1/+1
| | | | | | | | | | | | | | | | | | | | | | | | If srcdir is not set, we get below error while running ptest for bash on qemu target, -- snip -- root@qemux86:/usr/lib/bash/ptest# ./run-ptest /bin/sh: line 0: cd: /home/ajay/Downloads/poky-fido-13.0.0/build/tmp/work/i586-poky-linux/bash/4.3-r1/bash-4.3/tests: No such file or directory Makefile:879: recipe for target 'runtest' failed make: *** [runtest] Error 1 root@qemux86:/usr/lib/bash/ptest# vi run-ptest root@qemux86:/usr/lib/bash/ptest# -- CUT -- So, set srcdir to current directory, where tests binaries exist. [YOCTO #8145] (From OE-Core rev: 00d94314679eb4345b5012389aa6252abe871a76) Signed-off-by: Ajay M <ajay.gju@gmail.com> Signed-off-by: Ross Burton <ross.burton@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* bash: Upgrade bash to latest patch level to fix CVEsMark Hatle2014-10-062-130/+0
| | | | | | | | | | | | | | | | | | | | | | | | We upgrade bash_4.3 to patch revision 29, and bash_3.2.48 to 56. There are numerous community bug fixes included with this set, but the key items are: bash32-052 CVE-2014-6271 9/24/2014 bash32-053 CVE-2014-7169 9/26/2014 bash32-054 exported function namespace change 9/27/2014 bash32-055 CVE-2014-7186/CVE-2014-7187 10/1/2014 bash32-056 CVE-2014-6277 10/2/2014 bash43-025 CVE-2014-6271 9/24/2014 bash43-026 CVE-2014-7169 9/26/2014 bash43-027 exported function namespace change 9/27/2014 bash43-028 CVE-2014-7186/CVE-2014-7187 10/1/2014 bash43-029 CVE-2014-6277 10/2/2014 (From OE-Core rev: 43deeff0c6b0ea7729d3e5f1887dfd1647dea1da) Signed-off-by: Mark Hatle <mark.hatle@windriver.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* bash: Fix CVE-2014-7169Khem Raj2014-09-291-0/+16
| | | | | | | | | | | This is a followup patch to incomplete CVE-2014-6271 fix code execution via specially-crafted environment Change-Id: Ibb0a587ee6e09b8174e92d005356e822ad40d4ed (From OE-Core rev: 76a2d6b83472995edbe967aed80f0fcbb784b3fc) Signed-off-by: Khem Raj <raj.khem@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* bash: fix CVE-2014-6271Ross Burton2014-09-291-0/+114
| | | | | | | | | | | | | CVE-2014-6271 aka ShellShock. "GNU Bash through 4.3 processes trailing strings after function definitions in the values of environment variables, which allows remote attackers to execute arbitrary code via a crafted environment." (From OE-Core rev: 798d833c9d4bd9ab287fa86b85b4d5f128170ed3) Signed-off-by: Ross Burton <ross.burton@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* bash: update build-tests.patchHongxu Jia2014-03-051-0/+55
| | | | | | | (From OE-Core rev: 3c234df240a11903ef3588a2c078dcbce4ca1719) Signed-off-by: Hongxu Jia <hongxu.jia@windriver.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* bash: upgrade to 4.3Hongxu Jia2014-03-054-0/+70
The bash-4.2-patches is obsolete. (From OE-Core rev: 31eb09a888729fcfd17d02f2a47375e10e87f79a) Signed-off-by: Hongxu Jia <hongxu.jia@windriver.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
generated by cgit v1.2.3-54-g00ecf (git 2.39.0) at 2024-06-30 19:17:03 +0000