diff options
| author | Catalin Popeanga <Catalin.Popeanga@enea.com> | 2014-10-09 14:23:24 +0200 |
|---|---|---|
| committer | Paul Eggleton <paul.eggleton@linux.intel.com> | 2014-10-12 21:29:14 +0100 |
| commit | 998cd2c6dd3709ae0d47c845dff227680bda96f5 (patch) | |
| tree | a27b628946850900b84fbbba90ddc167279e4f98 /meta/recipes-extended/bash/bash_3.2.48.bb | |
| parent | 59e7817b6e1d1dd90668083cf34f1650a84430c0 (diff) | |
| download | openembedded-core-998cd2c6dd3709ae0d47c845dff227680bda96f5.tar.gz openembedded-core-998cd2c6dd3709ae0d47c845dff227680bda96f5.tar.bz2 openembedded-core-998cd2c6dd3709ae0d47c845dff227680bda96f5.zip | |
bash: Fix for exported function namespace change
This is a followup patch to incomplete CVE-2014-6271 fix code execution via
specially-crafted environment
This patch changes the encoding bash uses for exported functions to avoid
clashes with shell variables and to avoid depending only on an environment
variable's contents to determine whether or not to interpret it as a shell
function.
(From OE-Core daisy rev: 6c51cc96d03df26d1c10867633e7a10dfbec7c45)
Signed-off-by: Sona Sarmadi <sona.sarmadi@enea.com>
Signed-off-by: Paul Eggleton <paul.eggleton@linux.intel.com>
Diffstat (limited to 'meta/recipes-extended/bash/bash_3.2.48.bb')
| -rw-r--r-- | meta/recipes-extended/bash/bash_3.2.48.bb | 1 |
1 files changed, 1 insertions, 0 deletions
diff --git a/meta/recipes-extended/bash/bash_3.2.48.bb b/meta/recipes-extended/bash/bash_3.2.48.bb index 8362c27fc1..1e6e3f3a28 100644 --- a/meta/recipes-extended/bash/bash_3.2.48.bb +++ b/meta/recipes-extended/bash/bash_3.2.48.bb @@ -12,6 +12,7 @@ SRC_URI = "${GNU_MIRROR}/bash/bash-${PV}.tar.gz;name=tarball \ file://mkbuiltins_have_stringize.patch \ file://cve-2014-6271.patch;striplevel=0 \ file://cve-2014-7169.patch \ + file://Fix-for-bash-exported-function-namespace-change.patch \ " SRC_URI[tarball.md5sum] = "338dcf975a93640bb3eaa843ca42e3f8" |