diff options
| author | Peter Korsgaard <peter@korsgaard.com> | 2017-02-08 09:12:03 +0100 |
|---|---|---|
| committer | Peter Korsgaard <peter@korsgaard.com> | 2017-02-08 09:46:13 +0100 |
| commit | 54a94951231ce624cf6a2e297c806c1677efdeb8 (patch) | |
| tree | 907a5e278016f8ecdadfdc6bfa80984a3454a34e /package/bash/bash44-010.patch | |
| parent | a1071d7169e00b805dbcdaec33082ad2365dfd23 (diff) | |
| download | buildroot-54a94951231ce624cf6a2e297c806c1677efdeb8.tar.gz buildroot-54a94951231ce624cf6a2e297c806c1677efdeb8.zip | |
bash: add upstream security fixes to patch level 12
Fixes CVE-2017-5932 - Shell code execution on tab completion of specially
crafted files. For details, see the report:
https://github.com/jheyens/bash_completion_vuln/raw/master/2017-01-17.bash_completion_report.pdf
We unfortunately cannot easily download these because of the file names (not
ending in patch) and patch format (p0), so convert to p1 format and include
in package/bash with the following script:
for i in 06 07 08 09 10 11 12; do
cat > bash44-0$i.patch << EOF
>From https://ftp.gnu.org/gnu/bash/bash-4.4-patches/bash44-0$i
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
EOF
curl https://ftp.gnu.org/gnu/bash/bash-4.4-patches/bash44-0$i | \
sed -e 's|^\*\*\* \.\./|*** |' -e 's|^--- |--- b/|' >> bash44-0$i.patch
done
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Diffstat (limited to 'package/bash/bash44-010.patch')
| -rw-r--r-- | package/bash/bash44-010.patch | 53 |
1 files changed, 53 insertions, 0 deletions
diff --git a/package/bash/bash44-010.patch b/package/bash/bash44-010.patch new file mode 100644 index 0000000000..8da1ec5bea --- /dev/null +++ b/package/bash/bash44-010.patch @@ -0,0 +1,53 @@ +From https://ftp.gnu.org/gnu/bash/bash-4.4-patches/bash44-010 + +Signed-off-by: Peter Korsgaard <peter@korsgaard.com> + + BASH PATCH REPORT + ================= + +Bash-Release: 4.4 +Patch-ID: bash44-010 + +Bug-Reported-by: Clark Wang <dearvoid@gmail.com> +Bug-Reference-ID: <CADv8-og092RvvUUHy46=BPKChCXw5g=GOOqgN0V3f4a3TpLebQ@mail.gmail.com> +Bug-Reference-URL: http://lists.gnu.org/archive/html/bug-bash/2016-11/msg00104.html + +Bug-Description: + +Depending on compiler optimizations and behavior, the `read' builtin may not +save partial input when a timeout occurs. + +Patch (apply with `patch -p0'): + +*** bash-4.4-patched/builtins/read.def 2016-05-16 14:24:56.000000000 -0400 +--- b/builtins/read.def 2016-11-25 12:37:56.000000000 -0500 +*************** +*** 182,186 **** + { + register char *varname; +! int size, i, nr, pass_next, saw_escape, eof, opt, retval, code, print_ps2; + int input_is_tty, input_is_pipe, unbuffered_read, skip_ctlesc, skip_ctlnul; + int raw, edit, nchars, silent, have_timeout, ignore_delim, fd, lastsig, t_errno; +--- b/182,187 ---- + { + register char *varname; +! int size, nr, pass_next, saw_escape, eof, opt, retval, code, print_ps2; +! volatile int i; + int input_is_tty, input_is_pipe, unbuffered_read, skip_ctlesc, skip_ctlnul; + int raw, edit, nchars, silent, have_timeout, ignore_delim, fd, lastsig, t_errno; + +*** bash-4.4/patchlevel.h 2016-06-22 14:51:03.000000000 -0400 +--- b/patchlevel.h 2016-10-01 11:01:28.000000000 -0400 +*************** +*** 26,30 **** + looks for to find the patch level (for the sccs version string). */ + +! #define PATCHLEVEL 9 + + #endif /* _PATCHLEVEL_H_ */ +--- b/26,30 ---- + looks for to find the patch level (for the sccs version string). */ + +! #define PATCHLEVEL 10 + + #endif /* _PATCHLEVEL_H_ */ |
