authorFredrik Rinnestam <fredrik@crux.nu>2014-09-26 17:40:59 +0200
committerFredrik Rinnestam <fredrik@crux.nu>2014-09-26 17:40:59 +0200
commitb3112c50f9099f9aba764576f278ae8aa6384512 (patch)
treebea4c678ad1ce966b921853a71f16f0f4085ee85 /bash
parentab953853d574fcb8608a899e51d54b7b8c4b88de (diff)
[notify] bash: added patch for CVE-2014-7169 (incomplete CVE-2014-6271 patch)
Diffstat (limited to 'bash')
-rw-r--r--bash/.md5sum1
-rw-r--r--bash/CVE-2014-7169.patch60
-rw-r--r--bash/Pkgfile7
3 files changed, 65 insertions, 3 deletions
diff --git a/bash/.md5sum b/bash/.md5sum
index 9e78cc78..cd32ccde 100644
--- a/bash/.md5sum
+++ b/bash/.md5sum
@@ -1,3 +1,4 @@
+ef372fa0f3a246a20f6c2b75d04eaee1 CVE-2014-7169.patch
0bb8bde611b03e32a010c6aa373fa2d4 bash-4.3.25.patch.gz
81348932d5da294953e15d4814c74dd1 bash-4.3.tar.gz
be4c698ea8bb7d52eab2d6ce2c3fab8e profile
diff --git a/bash/CVE-2014-7169.patch b/bash/CVE-2014-7169.patch
new file mode 100644
index 00000000..e48141b0
--- /dev/null
+++ b/bash/CVE-2014-7169.patch
@@ -0,0 +1,60 @@
+ BASH PATCH REPORT
+ =================
+
+Bash-Release: 4.3
+Patch-ID: bash43-026
+
+Bug-Reported-by: Tavis Ormandy <taviso () cmpxchg8b com>
+Bug-Reference-ID:
+Bug-Reference-URL: http://twitter.com/taviso/statuses/514887394294652929
+
+Bug-Description:
+
+Under certain circumstances, bash can incorrectly save a lookahead character and
+return it on a subsequent call, even when reading a new line.
+
+Patch (apply with `patch -p0'):
+
+*** ../bash-4.3.25/parse.y 2014-07-30 10:14:31.000000000 -0400
+--- parse.y 2014-09-25 20:20:21.000000000 -0400
+***************
+*** 2954,2957 ****
+--- 2954,2959 ----
+ word_desc_to_read = (WORD_DESC *)NULL;
+
++ eol_ungetc_lookahead = 0;
++
+ current_token = '\n'; /* XXX */
+ last_read_token = '\n';
+*** ../bash-4.3.25/y.tab.c 2014-07-30 10:14:32.000000000 -0400
+--- y.tab.c 2014-09-25 20:21:48.000000000 -0400
+***************
+*** 5266,5269 ****
+--- 5266,5271 ----
+ word_desc_to_read = (WORD_DESC *)NULL;
+
++ eol_ungetc_lookahead = 0;
++
+ current_token = '\n'; /* XXX */
+ last_read_token = '\n';
+***************
+*** 8540,8542 ****
+ }
+ #endif /* HANDLE_MULTIBYTE */
+-
+--- 8542,8543 ----
+*** ../bash-4.3/patchlevel.h 2012-12-29 10:47:57.000000000 -0500
+--- patchlevel.h 2014-03-20 20:01:28.000000000 -0400
+***************
+*** 26,30 ****
+ looks for to find the patch level (for the sccs version string). */
+
+! #define PATCHLEVEL 25
+
+ #endif /* _PATCHLEVEL_H_ */
+--- 26,30 ----
+ looks for to find the patch level (for the sccs version string). */
+
+! #define PATCHLEVEL 26
+
+ #endif /* _PATCHLEVEL_H_ */
diff --git a/bash/Pkgfile b/bash/Pkgfile
index 776e4595..45e8a91d 100644
--- a/bash/Pkgfile
+++ b/bash/Pkgfile
@@ -5,15 +5,16 @@
name=bash
version=4.3.25
-release=1
+release=2
source=(http://ftp.gnu.org/gnu/$name/$name-${version:0:3}.tar.gz \
- $name-$version.patch.gz profile)
+ $name-$version.patch.gz profile CVE-2014-7169.patch)
build() {
cd $name-${version:0:3}
gunzip -c $SRC/$name-$version.patch.gz | patch -p0
-
+ patch -p0 -i $SRC/CVE-2014-7169.patch
+
./configure --prefix=/usr \
--exec-prefix= \
--mandir=/usr/man \
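Review bot: The added `patch -p0 -i $SRC/CVE-2014-7169.patch` step in build() has no visible failure handling, so whether a rejected hunk aborts the build depends on how the packaging tool invokes build(), which this page does not show. For a security fix the step should fail closed and quote the path, e.g. `patch -p0 -i "$SRC/CVE-2014-7169.patch" || return 1`; otherwise release 2 could in principle ship without the fix applied. Separately, the new patch file is upstream bash43-026 and sets `PATCHLEVEL 26` while `version=4.3.25` is kept, so a comment such as `# CVE-2014-7169.patch is upstream bash43-026; drop it when version reaches 4.3.26` would help the next version bump and anyone auditing from the package version whether the fix is present. build() continues past the end of this hunk.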
