summaryrefslogtreecommitdiff
path: root/meta/recipes-extended/bash/bash-3.2.48
diff options
context:
space:
mode:
authorMark Hatle <mark.hatle@windriver.com>2014-10-03 09:51:25 -0500
committerRichard Purdie <richard.purdie@linuxfoundation.org>2014-10-06 15:07:59 +0100
commit43deeff0c6b0ea7729d3e5f1887dfd1647dea1da (patch)
treec6a6c513d0a9c064b0a51b52c57589fdaf193de7 /meta/recipes-extended/bash/bash-3.2.48
parentb2c6a032d6e5deb07e76ed75fcd0931fad6a748c (diff)
downloadopenembedded-core-43deeff0c6b0ea7729d3e5f1887dfd1647dea1da.tar.gz
openembedded-core-43deeff0c6b0ea7729d3e5f1887dfd1647dea1da.tar.bz2
openembedded-core-43deeff0c6b0ea7729d3e5f1887dfd1647dea1da.zip
bash: Upgrade bash to latest patch level to fix CVEs
We upgrade bash_4.3 to patch revision 29, and bash_3.2.48 to 56. There are numerous community bug fixes included with this set, but the key items are: bash32-052 CVE-2014-6271 9/24/2014 bash32-053 CVE-2014-7169 9/26/2014 bash32-054 exported function namespace change 9/27/2014 bash32-055 CVE-2014-7186/CVE-2014-7187 10/1/2014 bash32-056 CVE-2014-6277 10/2/2014 bash43-025 CVE-2014-6271 9/24/2014 bash43-026 CVE-2014-7169 9/26/2014 bash43-027 exported function namespace change 9/27/2014 bash43-028 CVE-2014-7186/CVE-2014-7187 10/1/2014 bash43-029 CVE-2014-6277 10/2/2014 Signed-off-by: Mark Hatle <mark.hatle@windriver.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Diffstat (limited to 'meta/recipes-extended/bash/bash-3.2.48')
-rw-r--r--meta/recipes-extended/bash/bash-3.2.48/cve-2014-6271.patch77
-rw-r--r--meta/recipes-extended/bash/bash-3.2.48/cve-2014-7169.patch16
2 files changed, 0 insertions, 93 deletions
diff --git a/meta/recipes-extended/bash/bash-3.2.48/cve-2014-6271.patch b/meta/recipes-extended/bash/bash-3.2.48/cve-2014-6271.patch
deleted file mode 100644
index 7226ffb665..0000000000
--- a/meta/recipes-extended/bash/bash-3.2.48/cve-2014-6271.patch
+++ /dev/null
@@ -1,77 +0,0 @@
-Fix CVE-2014-6271, aka ShellShock.
-
-Upstream-Status: Backport
-Signed-off-by: Ross Burton <ross.burton@intel.com>
-
-*** ../bash-3.2.51/builtins/common.h 2006-03-06 09:38:44.000000000 -0500
---- builtins/common.h 2014-09-16 19:08:02.000000000 -0400
-***************
-*** 34,37 ****
---- 34,39 ----
-
- /* Flags for describe_command, shared between type.def and command.def */
-+ #define SEVAL_FUNCDEF 0x080 /* only allow function definitions */
-+ #define SEVAL_ONECMD 0x100 /* only allow a single command */
- #define CDESC_ALL 0x001 /* type -a */
- #define CDESC_SHORTDESC 0x002 /* command -V */
-*** ../bash-3.2.51/builtins/evalstring.c 2008-11-15 17:47:04.000000000 -0500
---- builtins/evalstring.c 2014-09-16 19:08:02.000000000 -0400
-***************
-*** 235,238 ****
---- 235,246 ----
- struct fd_bitmap *bitmap;
-
-+ if ((flags & SEVAL_FUNCDEF) && command->type != cm_function_def)
-+ {
-+ internal_warning ("%s: ignoring function definition attempt", from_file);
-+ should_jump_to_top_level = 0;
-+ last_result = last_command_exit_value = EX_BADUSAGE;
-+ break;
-+ }
-+
- bitmap = new_fd_bitmap (FD_BITMAP_SIZE);
- begin_unwind_frame ("pe_dispose");
-***************
-*** 292,295 ****
---- 300,306 ----
- dispose_fd_bitmap (bitmap);
- discard_unwind_frame ("pe_dispose");
-+
-+ if (flags & SEVAL_ONECMD)
-+ break;
- }
- }
-*** ../bash-3.2.51/variables.c 2008-11-15 17:15:06.000000000 -0500
---- variables.c 2014-09-16 19:10:39.000000000 -0400
-***************
-*** 319,328 ****
- strcpy (temp_string + char_index + 1, string);
-
-! parse_and_execute (temp_string, name, SEVAL_NONINT|SEVAL_NOHIST);
-!
-! /* Ancient backwards compatibility. Old versions of bash exported
-! functions like name()=() {...} */
-! if (name[char_index - 1] == ')' && name[char_index - 2] == '(')
-! name[char_index - 2] = '\0';
-
- if (temp_var = find_function (name))
---- 319,326 ----
- strcpy (temp_string + char_index + 1, string);
-
-! /* Don't import function names that are invalid identifiers from the
-! environment. */
-! if (legal_identifier (name))
-! parse_and_execute (temp_string, name, SEVAL_NONINT|SEVAL_NOHIST|SEVAL_FUNCDEF|SEVAL_ONECMD);
-
- if (temp_var = find_function (name))
-***************
-*** 333,340 ****
- else
- report_error (_("error importing function definition for `%s'"), name);
--
-- /* ( */
-- if (name[char_index - 1] == ')' && name[char_index - 2] == '\0')
-- name[char_index - 2] = '('; /* ) */
- }
- #if defined (ARRAY_VARS)
---- 331,334 ----
diff --git a/meta/recipes-extended/bash/bash-3.2.48/cve-2014-7169.patch b/meta/recipes-extended/bash/bash-3.2.48/cve-2014-7169.patch
deleted file mode 100644
index 2e734de434..0000000000
--- a/meta/recipes-extended/bash/bash-3.2.48/cve-2014-7169.patch
+++ /dev/null
@@ -1,16 +0,0 @@
-Taken from http://www.openwall.com/lists/oss-security/2016/09/25/10
-
-Upstream-Status: Backport
-Index: bash-3.2.48/parse.y
-===================================================================
---- bash-3.2.48.orig/parse.y 2008-04-29 18:24:55.000000000 -0700
-+++ bash-3.2.48/parse.y 2014-09-26 13:07:31.956080056 -0700
-@@ -2503,6 +2503,8 @@
- FREE (word_desc_to_read);
- word_desc_to_read = (WORD_DESC *)NULL;
-
-+ eol_ungetc_lookahead = 0;
-+
- last_read_token = '\n';
- token_to_read = '\n';
- }