From b91889fb3e98069b7d5e9c8a544ed511d6544f24 Mon Sep 17 00:00:00 2001
From: Catalin Popeanga <Catalin.Popeanga@enea.com>
Date: Thu, 9 Oct 2014 14:23:24 +0200
Subject: bash: Fix for exported function namespace change

This is a followup patch to incomplete CVE-2014-6271 fix code execution via
specially-crafted environment

This patch changes the encoding bash uses for exported functions to avoid
clashes with shell variables and to avoid depending only on an environment
variable's contents to determine whether or not to interpret it as a shell
function.

(From OE-Core daisy rev: 6c51cc96d03df26d1c10867633e7a10dfbec7c45)

(From OE-Core rev: 998cd2c6dd3709ae0d47c845dff227680bda96f5)

Signed-off-by: Sona Sarmadi <sona.sarmadi@enea.com>
Signed-off-by: Paul Eggleton <paul.eggleton@linux.intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---
 meta/recipes-extended/bash/bash_3.2.48.bb | 1 +
 1 file changed, 1 insertion(+)

(limited to 'meta/recipes-extended/bash/bash_3.2.48.bb')

diff --git a/meta/recipes-extended/bash/bash_3.2.48.bb b/meta/recipes-extended/bash/bash_3.2.48.bb
index 8362c27fc1..1e6e3f3a28 100644
--- a/meta/recipes-extended/bash/bash_3.2.48.bb
+++ b/meta/recipes-extended/bash/bash_3.2.48.bb
@@ -12,6 +12,7 @@ SRC_URI = "${GNU_MIRROR}/bash/bash-${PV}.tar.gz;name=tarball \
            file://mkbuiltins_have_stringize.patch \
            file://cve-2014-6271.patch;striplevel=0 \
            file://cve-2014-7169.patch \
+           file://Fix-for-bash-exported-function-namespace-change.patch \
           "
 
 SRC_URI[tarball.md5sum] = "338dcf975a93640bb3eaa843ca42e3f8"
-- 
cgit v1.2.3-54-g00ecf