summaryrefslogtreecommitdiffstats
path: root/meta/recipes-extended/bash/bash_4.3.bb
Commit message (Collapse)AuthorAgeFilesLines
* bash: 4.3 -> 4.3.30Robert Yang2015-08-101-111/+0
| | | | | | | | | | Remove patch001 -> patch030 since they are already in source, add patch031 -> patch039 (From OE-Core rev: 781ec1061306f43265f9d756a89d1b86bd5d19a0) Signed-off-by: Robert Yang <liezhi.yang@windriver.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* bash: separate B and SRobert Yang2015-01-161-0/+2
| | | | | | | | | | It works well now, and bump the PR to avoid: x86_64-poky-linux-ar: shmatch.o: No such file or directory (From OE-Core rev: f31f86b4c81d409b91feb77a46d362de1ad29b69) Signed-off-by: Robert Yang <liezhi.yang@windriver.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* bash: update and CVE-2014-6278 fixMark Hatle2014-10-061-0/+3
| | | | | | | | | | Update both bash 3.2.48 (to 57), and bash 4.3 (to 30) to fix the remaining 'shellshock' security issues, CVE-2014-6278. (From OE-Core rev: a2709547644ae417fbd5435e1372068c7cd5db4c) Signed-off-by: Mark Hatle <mark.hatle@windriver.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* bash: Upgrade bash to latest patch level to fix CVEsMark Hatle2014-10-061-2/+88
| | | | | | | | | | | | | | | | | | | | | | | | We upgrade bash_4.3 to patch revision 29, and bash_3.2.48 to 56. There are numerous community bug fixes included with this set, but the key items are: bash32-052 CVE-2014-6271 9/24/2014 bash32-053 CVE-2014-7169 9/26/2014 bash32-054 exported function namespace change 9/27/2014 bash32-055 CVE-2014-7186/CVE-2014-7187 10/1/2014 bash32-056 CVE-2014-6277 10/2/2014 bash43-025 CVE-2014-6271 9/24/2014 bash43-026 CVE-2014-7169 9/26/2014 bash43-027 exported function namespace change 9/27/2014 bash43-028 CVE-2014-7186/CVE-2014-7187 10/1/2014 bash43-029 CVE-2014-6277 10/2/2014 (From OE-Core rev: 43deeff0c6b0ea7729d3e5f1887dfd1647dea1da) Signed-off-by: Mark Hatle <mark.hatle@windriver.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* bash: Fix CVE-2014-7169Khem Raj2014-09-291-0/+1
| | | | | | | | | | | This is a followup patch to incomplete CVE-2014-6271 fix code execution via specially-crafted environment Change-Id: Ibb0a587ee6e09b8174e92d005356e822ad40d4ed (From OE-Core rev: 76a2d6b83472995edbe967aed80f0fcbb784b3fc) Signed-off-by: Khem Raj <raj.khem@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* bash: fix CVE-2014-6271Ross Burton2014-09-291-0/+1
| | | | | | | | | | | | | CVE-2014-6271 aka ShellShock. "GNU Bash through 4.3 processes trailing strings after function definitions in the values of environment variables, which allows remote attackers to execute arbitrary code via a crafted environment." (From OE-Core rev: 798d833c9d4bd9ab287fa86b85b4d5f128170ed3) Signed-off-by: Ross Burton <ross.burton@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* bash: upgrade to 4.3Hongxu Jia2014-03-051-0/+18
The bash-4.2-patches is obsolete. (From OE-Core rev: 31eb09a888729fcfd17d02f2a47375e10e87f79a) Signed-off-by: Hongxu Jia <hongxu.jia@windriver.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
generated by cgit v1.2.3-54-g00ecf (git 2.39.0) at 2024-05-17 00:57:40 +0000