mirrors/poky
1
0
Fork 0
mirror of https://git.yoctoproject.org/poky synced 2026-04-20 18:32:12 +02:00
Code Issues Packages Projects Releases Wiki Activity

bash: Fix CVE-2014-7169

Browse Source 
This is a followup patch to incomplete CVE-2014-6271 fix
code execution via specially-crafted environment

Change-Id: Ibb0a587ee6e09b8174e92d005356e822ad40d4ed
(From OE-Core rev: 76a2d6b83472995edbe967aed80f0fcbb784b3fc)

Signed-off-by: Khem Raj <raj.khem@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
This commit is contained in:
Khem Raj
2014-09-26 13:21:19 -07:00
committed by Richard Purdie
parent cab81b3418
commit d6709b0133
4 changed files with 34 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

16
meta/recipes-extended/bash/bash-3.2.48/cve-2014-7169.patch Normal file
View File

@@ -0,0 +1,16 @@
Taken from http://www.openwall.com/lists/oss-security/2016/09/25/10
Upstream-Status: Backport
Index: bash-3.2.48/parse.y
===================================================================
--- bash-3.2.48.orig/parse.y 2008-04-29 18:24:55.000000000 -0700
+++ bash-3.2.48/parse.y 2014-09-26 13:07:31.956080056 -0700
@@ -2503,6 +2503,8 @@
FREE (word_desc_to_read);
word_desc_to_read = (WORD_DESC *)NULL;
+ eol_ungetc_lookahead = 0;
+
last_read_token = '\n';
token_to_read = '\n';
}

16
meta/recipes-extended/bash/bash/cve-2014-7169.patch Normal file
View File

@@ -0,0 +1,16 @@
Taken from http://www.openwall.com/lists/oss-security/2016/09/25/10
Upstream-Status: Backport
Index: bash-4.3/parse.y
===================================================================
--- bash-4.3.orig/parse.y 2014-09-26 13:10:44.340080056 -0700
+++ bash-4.3/parse.y 2014-09-26 13:11:44.764080056 -0700
@@ -2953,6 +2953,8 @@
FREE (word_desc_to_read);
word_desc_to_read = (WORD_DESC *)NULL;
+ eol_ungetc_lookahead = 0;
+
current_token = '\n'; /* XXX */
last_read_token = '\n';
token_to_read = '\n';

1
meta/recipes-extended/bash/bash_3.2.48.bb
View File

@@ -13,6 +13,7 @@ SRC_URI = "${GNU_MIRROR}/bash/bash-${PV}.tar.gz;name=tarball \
file://build-tests.patch \
file://test-output.patch \
file://cve-2014-6271.patch;striplevel=0 \
file://cve-2014-7169.patch \
file://run-ptest \
"

1
meta/recipes-extended/bash/bash_4.3.bb
View File

@@ -10,6 +10,7 @@ SRC_URI = "${GNU_MIRROR}/bash/${BPN}-${PV}.tar.gz;name=tarball \
file://build-tests.patch \
file://test-output.patch \
file://cve-2014-6271.patch;striplevel=0 \
file://cve-2014-7169.patch \
file://run-ptest \
"