SF.net SVN: gar:[24133] csw/mgar/pkg/bash/trunk
chninkel at users.sourceforge.net
chninkel at users.sourceforge.net
Thu Sep 25 20:37:38 CEST 2014
Revision: 24133
http://sourceforge.net/p/gar/code/24133
Author: chninkel
Date: 2014-09-25 18:37:37 +0000 (Thu, 25 Sep 2014)
Log Message:
-----------
bash/trunk: add patch eol-pushback.patch to fix CVE-2014-7169
Modified Paths:
--------------
csw/mgar/pkg/bash/trunk/Makefile
csw/mgar/pkg/bash/trunk/files/changelog.CSW
Added Paths:
-----------
csw/mgar/pkg/bash/trunk/files/eol-pushback.patch
Modified: csw/mgar/pkg/bash/trunk/Makefile
===================================================================
--- csw/mgar/pkg/bash/trunk/Makefile 2014-09-25 14:12:11 UTC (rev 24132)
+++ csw/mgar/pkg/bash/trunk/Makefile 2014-09-25 18:37:37 UTC (rev 24133)
@@ -74,6 +74,10 @@
# add /opt/csw/bin in the hardcoded paths used for auto-selecting the EDITOR variable
PATCHFILES += 0001-bashbug-editor-path.patch
+# Current patch proposed to fix CVE-2014-7169
+# see http://www.openwall.com/lists/oss-security/2014/09/25/10
+PATCHFILES += eol-pushback.patch
+
LICENSE = COPYING
# we add CSW bash to the /etc/shells files using the build script
Modified: csw/mgar/pkg/bash/trunk/files/changelog.CSW
===================================================================
--- csw/mgar/pkg/bash/trunk/files/changelog.CSW 2014-09-25 14:12:11 UTC (rev 24132)
+++ csw/mgar/pkg/bash/trunk/files/changelog.CSW 2014-09-25 18:37:37 UTC (rev 24133)
@@ -1,5 +1,11 @@
bash (4.3.25,REV=2014.09.25) unstable
+ * Added patch eol-pushback.patch to fix CVE-2014-7169
+
+ -- Yann Rouillard <yann at opencsw.org> Thu, 25 Sep 2014 20:35:06 +0200
+
+bash (4.3.25,REV=2014.09.25) unstable
+
* Added bash patch bash43-025 to fix CVE-2014-6271
-- Yann Rouillard <yann at opencsw.org> Thu, 25 Sep 2014 08:45:14 +0200
Added: csw/mgar/pkg/bash/trunk/files/eol-pushback.patch
===================================================================
--- csw/mgar/pkg/bash/trunk/files/eol-pushback.patch (rev 0)
+++ csw/mgar/pkg/bash/trunk/files/eol-pushback.patch 2014-09-25 18:37:37 UTC (rev 24133)
@@ -0,0 +1,11 @@
+*** ../bash-20140912/parse.y 2014-08-26 15:09:42.000000000 -0400
+--- parse.y 2014-09-24 22:47:28.000000000 -0400
+***************
+*** 2959,2962 ****
+--- 2959,2964 ----
+ word_desc_to_read = (WORD_DESC *)NULL;
+
++ eol_ungetc_lookahead = 0;
++
+ current_token = '\n'; /* XXX */
+ last_read_token = '\n';
This was sent by the SourceForge.net collaborative development platform, the world's largest Open Source development site.
More information about the devel
mailing list