summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorKhem Raj <raj.khem@gmail.com>2014-09-26 13:21:19 -0700
committerRichard Purdie <richard.purdie@linuxfoundation.org>2014-10-02 12:48:10 +0100
commit51477e3c54cccf27b65d071dd310732d36072357 (patch)
tree7407362b2e04ea719db2488fa27dd2ea05858e2f
parent3bde5804e329b582739414caf2c1534b6ab1ee3d (diff)
downloadpoky-51477e3c54cccf27b65d071dd310732d36072357.tar.gz
poky-51477e3c54cccf27b65d071dd310732d36072357.tar.bz2
poky-51477e3c54cccf27b65d071dd310732d36072357.zip
bash: Fix CVE-2014-7169
This is a followup patch to incomplete CVE-2014-6271 fix code execution via specially-crafted environment Change-Id: Ibb0a587ee6e09b8174e92d005356e822ad40d4ed (From OE-Core master rev: 76a2d6b83472995edbe967aed80f0fcbb784b3fc) (From OE-Core rev: 1c8f43767c7d78872d38652ea808f30ea825bbef) Signed-off-by: Khem Raj <raj.khem@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> Signed-off-by: Robert Yang <liezhi.yang@windriver.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
-rw-r--r--meta/recipes-extended/bash/bash-3.2.48/cve-2014-7169.patch16
-rw-r--r--meta/recipes-extended/bash/bash_3.2.48.bb1
2 files changed, 17 insertions, 0 deletions
diff --git a/meta/recipes-extended/bash/bash-3.2.48/cve-2014-7169.patch b/meta/recipes-extended/bash/bash-3.2.48/cve-2014-7169.patch
new file mode 100644
index 0000000000..2e734de434
--- /dev/null
+++ b/meta/recipes-extended/bash/bash-3.2.48/cve-2014-7169.patch
@@ -0,0 +1,16 @@
+Taken from http://www.openwall.com/lists/oss-security/2016/09/25/10
+
+Upstream-Status: Backport
+Index: bash-3.2.48/parse.y
+===================================================================
+--- bash-3.2.48.orig/parse.y 2008-04-29 18:24:55.000000000 -0700
++++ bash-3.2.48/parse.y 2014-09-26 13:07:31.956080056 -0700
+@@ -2503,6 +2503,8 @@
+ FREE (word_desc_to_read);
+ word_desc_to_read = (WORD_DESC *)NULL;
+
++ eol_ungetc_lookahead = 0;
++
+ last_read_token = '\n';
+ token_to_read = '\n';
+ }
diff --git a/meta/recipes-extended/bash/bash_3.2.48.bb b/meta/recipes-extended/bash/bash_3.2.48.bb
index 5849ed0169..e6a04cd888 100644
--- a/meta/recipes-extended/bash/bash_3.2.48.bb
+++ b/meta/recipes-extended/bash/bash_3.2.48.bb
@@ -13,6 +13,7 @@ SRC_URI = "${GNU_MIRROR}/bash/bash-${PV}.tar.gz;name=tarball \
file://build-tests.patch \
file://test-output.patch \
file://cve-2014-6271.patch;striplevel=0 \
+ file://cve-2014-7169.patch \
file://run-ptest \
"