summaryrefslogtreecommitdiffstats
path: root/meta/recipes-extended/bash/bash_3.2.48.bb
Commit message (Collapse)AuthorAgeFilesLines
* bash: Fix-for-CVE-2014-6278Catalin Popeanga2014-10-161-0/+1
| | | | | | | | | | | | | | This vulnerability exists because of an incomplete fix for CVE-2014-6271, CVE-2014-7169, and CVE-2014-6277 See: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6278 (From OE-Core daisy rev: de596b5f31e837dcd2ce991245eb5548f12d72ae) (From OE-Core rev: 32e6864323cf2e4405b835cf474bcdf6fd572961) Signed-off-by: Catalin Popeanga <Catalin.Popeanga@enea.com> Signed-off-by: Paul Eggleton <paul.eggleton@linux.intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* bash: Fix for CVE-2014-6277Catalin Popeanga2014-10-161-0/+1
| | | | | | | | | | | | | | | | Follow up bash42-049 to parse properly function definitions in the values of environment variables, to not allow remote attackers to execute arbitrary code or to cause a denial of service. See: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6277 (From OE-Core daisy rev: 85961bcf81650992259cebb0ef1f1c6cdef3fefa) (From OE-Core rev: ae653aed4c6b7d8075cd464edcd2e01237bfc105) Signed-off-by: Catalin Popeanga <Catalin.Popeanga@enea.com> Signed-off-by: Paul Eggleton <paul.eggleton@linux.intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* bash: Fix for CVE-2014-7186 and CVE-2014-7187Catalin Popeanga2014-10-161-0/+1
| | | | | | | | | | | | | | | | This is a followup patch to incomplete CVE-2014-6271 fix code execution via specially-crafted environment https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-7186 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-7187 (From OE-Core daisy rev: 153d1125659df9e5c09e35a58bd51be184cb13c1) (From OE-Core rev: 32818a104ae99a5795d91a2960d48d433d542dee) Signed-off-by: Sona Sarmadi <sona.sarmadi@enea.com> Signed-off-by: Paul Eggleton <paul.eggleton@linux.intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* bash: Fix for exported function namespace changeCatalin Popeanga2014-10-161-0/+1
| | | | | | | | | | | | | | | | | | This is a followup patch to incomplete CVE-2014-6271 fix code execution via specially-crafted environment This patch changes the encoding bash uses for exported functions to avoid clashes with shell variables and to avoid depending only on an environment variable's contents to determine whether or not to interpret it as a shell function. (From OE-Core daisy rev: 6c51cc96d03df26d1c10867633e7a10dfbec7c45) (From OE-Core rev: 998cd2c6dd3709ae0d47c845dff227680bda96f5) Signed-off-by: Sona Sarmadi <sona.sarmadi@enea.com> Signed-off-by: Paul Eggleton <paul.eggleton@linux.intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* bash: Fix CVE-2014-7169Khem Raj2014-10-161-0/+1
| | | | | | | | | | | | | | | | This is a followup patch to incomplete CVE-2014-6271 fix code execution via specially-crafted environment Change-Id: Ibb0a587ee6e09b8174e92d005356e822ad40d4ed (From OE-Core master rev: 76a2d6b83472995edbe967aed80f0fcbb784b3fc) (From OE-Core rev: 59e7817b6e1d1dd90668083cf34f1650a84430c0) Signed-off-by: Khem Raj <raj.khem@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> Signed-off-by: Robert Yang <liezhi.yang@windriver.com> Signed-off-by: Paul Eggleton <paul.eggleton@linux.intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* bash: fix CVE-2014-6271Ross Burton2014-10-161-0/+1
| | | | | | | | | | | | | | | | | | CVE-2014-6271 aka ShellShock. "GNU Bash through 4.3 processes trailing strings after function definitions in the values of environment variables, which allows remote attackers to execute arbitrary code via a crafted environment." (From OE-Core master rev: 798d833c9d4bd9ab287fa86b85b4d5f128170ed3) (From OE-Core rev: d57b9ce8bb97f88c329da973c3567d04d8eb07d2) Signed-off-by: Ross Burton <ross.burton@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> Signed-off-by: Robert Yang <liezhi.yang@windriver.com> Signed-off-by: Paul Eggleton <paul.eggleton@linux.intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* bash: fix mkbuiltins build failureSaul Wold2013-01-091-1/+3
| | | | | | | | | | | | | Same patch for non-gplv3 version: http://git.yoctoproject.org/cgit/cgit.cgi/poky/commit/?id=1fd9a16d2a4594a4e9179dc7353ac51ce32eb712 [YOCTO #3646] (From OE-Core rev: d00acdbfa7d10804ff832009888c441fda51e412) Signed-off-by: Saul Wold <sgw@linux.intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* bash: Make it possible to run bash 3.2.48 instead of 4.2.Martin Ertsaas2012-09-241-29/+2
| | | | | | | | | | | | bash-3.2.48 did not provide the linking from sh to bash, making it unusable. Moving the license part out of the bash.inc file, and into bash_4.2.bb file makes us able to use that file also for bash_3.2.48.bb, which makes maintaining both at the same time a lot easier. (From OE-Core rev: e7b82cb4d107bfbfa5c939d406dd6ce6615b24e1) Signed-off-by: Martin Ertsaas <mertsas@cisco.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* PR bump for all recipes that DEPEND on ncursesScott Garman2012-03-151-1/+1
| | | | | | | | | | The packaging changes to ncurses could break package feeds, so bump the PR on everythong that DEPENDS on ncurses. (From OE-Core rev: be92256917c157284ef8370bb93bbf443849b2e1) Signed-off-by: Scott Garman <scott.a.garman@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* bash: Add SRC_URI Checksums for GPLv2Saul Wold2011-12-221-0/+3
| | | | | | | (From OE-Core rev: c1a9304eb8e40c6b34b190d82dad1d6d3499713a) Signed-off-by: Saul Wold <sgw@linux.intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* bash: Add SRC_URI Checksums for GPLv2Saul Wold2011-12-131-6/+15
| | | | | | | (From OE-Core rev: ae8c1f2aacd0ed2625757f57b575962db1386e4c) Signed-off-by: Saul Wold <sgw@linux.intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* bash: Ensure we fully reautoconf the recipes so site data is usedRichard Purdie2011-11-041-4/+7
| | | | | | | | | | This ensures bug 487 (missing job control functionality) really gets fixed. [YOCTO #487] (From OE-Core rev: 08b78066bd5a9ff2819a42eb4263ee0a78cddb97) Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* Various: Switch to using GNU_MIRRORTom Rini2011-03-231-3/+3
| | | | | | | (From OE-Core rev: bd9e899d1b07813c78f2dc2e5c46a67937839065) Signed-off-by: Tom Rini <tom_rini@mentor.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* recipes: pre/post actionsMark Hatle2011-02-121-1/+1
| | | | | | | | A number of the recipes did not properly label their pre and post actions, causing the actions to occur in all split packages. This was corrected by defaulting to _${PN} in most cases. Signed-off-by: Mark Hatle <mark.hatle@windriver.com>
* bash: use /bin/bash as default shell when bash is includedKevin Tian2011-01-281-1/+1
| | | | | | | though bash is included in LSB profile, it doesn't use update-alternative to take effect and thus it's still busybox behaving as /bin/sh. Signed-off-by: Kevin Tian <kevin.tian@intel.com>
* Major layout change to the packages directoryRichard Purdie2010-08-271-0/+35
Having one monolithic packages directory makes it hard to find things and is generally overwhelming. This commit splits it into several logical sections roughly based on function, recipes.txt gives more information about the classifications used. The opportunity is also used to switch from "packages" to "recipes" as used in OpenEmbedded as the term "packages" can be confusing to people and has many different meanings. Not all recipes have been classified yet, this is just a first pass at separating things out. Some packages are moved to meta-extras as they're no longer actively used or maintained. Signed-off-by: Richard Purdie <rpurdie@linux.intel.com>
generated by cgit v1.2.3-54-g00ecf (git 2.39.0) at 2024-06-19 02:12:57 +0000