SF.net SVN: gar:[24133] csw/mgar/pkg/bash/trunk

chninkel at users.sourceforge.net chninkel at users.sourceforge.net
Thu Sep 25 20:37:38 CEST 2014 

Revision: 24133
          http://sourceforge.net/p/gar/code/24133
Author:   chninkel
Date:     2014-09-25 18:37:37 +0000 (Thu, 25 Sep 2014)
Log Message:
-----------
bash/trunk: add patch eol-pushback.patch to fix CVE-2014-7169

Modified Paths:
--------------
    csw/mgar/pkg/bash/trunk/Makefile
    csw/mgar/pkg/bash/trunk/files/changelog.CSW

Added Paths:
-----------
    csw/mgar/pkg/bash/trunk/files/eol-pushback.patch

Modified: csw/mgar/pkg/bash/trunk/Makefile
===================================================================
--- csw/mgar/pkg/bash/trunk/Makefile	2014-09-25 14:12:11 UTC (rev 24132)
+++ csw/mgar/pkg/bash/trunk/Makefile	2014-09-25 18:37:37 UTC (rev 24133)
@@ -74,6 +74,10 @@
 # add /opt/csw/bin in the hardcoded paths used for auto-selecting the EDITOR variable
 PATCHFILES += 0001-bashbug-editor-path.patch
 
+# Current patch proposed to fix CVE-2014-7169 
+# see http://www.openwall.com/lists/oss-security/2014/09/25/10
+PATCHFILES += eol-pushback.patch
+
 LICENSE = COPYING
 
 # we add CSW bash to the /etc/shells files using the build script

Modified: csw/mgar/pkg/bash/trunk/files/changelog.CSW
===================================================================
--- csw/mgar/pkg/bash/trunk/files/changelog.CSW	2014-09-25 14:12:11 UTC (rev 24132)
+++ csw/mgar/pkg/bash/trunk/files/changelog.CSW	2014-09-25 18:37:37 UTC (rev 24133)
@@ -1,5 +1,11 @@
 bash (4.3.25,REV=2014.09.25) unstable
 
+  * Added patch eol-pushback.patch to fix CVE-2014-7169
+
+ -- Yann Rouillard <yann at opencsw.org>  Thu, 25 Sep 2014 20:35:06 +0200
+
+bash (4.3.25,REV=2014.09.25) unstable
+
   * Added bash patch bash43-025 to fix CVE-2014-6271
 
  -- Yann Rouillard <yann at opencsw.org>  Thu, 25 Sep 2014 08:45:14 +0200

Added: csw/mgar/pkg/bash/trunk/files/eol-pushback.patch
===================================================================
--- csw/mgar/pkg/bash/trunk/files/eol-pushback.patch	                        (rev 0)
+++ csw/mgar/pkg/bash/trunk/files/eol-pushback.patch	2014-09-25 18:37:37 UTC (rev 24133)
@@ -0,0 +1,11 @@
+*** ../bash-20140912/parse.y	2014-08-26 15:09:42.000000000 -0400
+--- parse.y	2014-09-24 22:47:28.000000000 -0400
+***************
+*** 2959,2962 ****
+--- 2959,2964 ----
+    word_desc_to_read = (WORD_DESC *)NULL;
+  
++   eol_ungetc_lookahead = 0;
++ 
+    current_token = '\n';		/* XXX */
+    last_read_token = '\n';

This was sent by the SourceForge.net collaborative development platform, the world's largest Open Source development site.

More information about the devel mailing list