mirror of
https://git.yoctoproject.org/poky
synced 2026-04-21 21:32:12 +02:00
5dd12beccd
Follow up bash43-026 to parse properly function definitions in the values of environment variables, to not allow remote attackers to execute arbitrary code or to cause a denial of service. See: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6277 (From OE-Core rev: 85961bcf81650992259cebb0ef1f1c6cdef3fefa) Signed-off-by: Catalin Popeanga <Catalin.Popeanga@enea.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
24 lines
880 B
Bash
24 lines
880 B
Bash
require bash.inc
|
|
|
|
# GPLv2+ (< 4.0), GPLv3+ (>= 4.0)
|
|
LICENSE = "GPLv3+"
|
|
LIC_FILES_CHKSUM = "file://COPYING;md5=d32239bcb673463ab874e80d47fae504"
|
|
|
|
SRC_URI = "${GNU_MIRROR}/bash/${BPN}-${PV}.tar.gz;name=tarball \
|
|
file://execute_cmd.patch;striplevel=0 \
|
|
file://mkbuiltins_have_stringize.patch \
|
|
file://build-tests.patch \
|
|
file://test-output.patch \
|
|
file://cve-2014-6271.patch;striplevel=0 \
|
|
file://cve-2014-7169.patch \
|
|
file://Fix-for-bash-exported-function-namespace-change.patch \
|
|
file://cve-2014-7186_cve-2014-7187.patch \
|
|
file://cve-2014-6277.patch \
|
|
file://run-ptest \
|
|
"
|
|
|
|
SRC_URI[tarball.md5sum] = "81348932d5da294953e15d4814c74dd1"
|
|
SRC_URI[tarball.sha256sum] = "afc687a28e0e24dc21b988fa159ff9dbcf6b7caa92ade8645cc6d5605cd024d4"
|
|
|
|
BBCLASSEXTEND = "nativesdk"
|