On Thursday 02 October 2014 00:07:41 Robert Yang wrote: > From: Khem Raj <raj.k...@gmail.com> > > This is a followup patch to incomplete CVE-2014-6271 fix > code execution via specially-crafted environment > > Change-Id: Ibb0a587ee6e09b8174e92d005356e822ad40d4ed > (From OE-Core master rev: 76a2d6b83472995edbe967aed80f0fcbb784b3fc) > > Signed-off-by: Khem Raj <raj.k...@gmail.com> > Signed-off-by: Richard Purdie <richard.pur...@linuxfoundation.org> > Signed-off-by: Robert Yang <liezhi.y...@windriver.com> > --- > .../bash/bash-3.2.48/cve-2014-7169.patch | 16 ++++++++++++++++ > meta/recipes-extended/bash/bash_3.2.48.bb | 1 + > 2 files changed, 17 insertions(+) > create mode 100644 > meta/recipes-extended/bash/bash-3.2.48/cve-2014-7169.patch > > diff --git a/meta/recipes-extended/bash/bash-3.2.48/cve-2014-7169.patch > b/meta/recipes-extended/bash/bash-3.2.48/cve-2014-7169.patch new file mode > 100644 > index 0000000..2e734de > --- /dev/null > +++ b/meta/recipes-extended/bash/bash-3.2.48/cve-2014-7169.patch > @@ -0,0 +1,16 @@ > +Taken from http://www.openwall.com/lists/oss-security/2016/09/25/10 > + > +Upstream-Status: Backport > +Index: bash-3.2.48/parse.y > +=================================================================== > +--- bash-3.2.48.orig/parse.y 2008-04-29 18:24:55.000000000 -0700 > ++++ bash-3.2.48/parse.y 2014-09-26 13:07:31.956080056 -0700 > +@@ -2503,6 +2503,8 @@ > + FREE (word_desc_to_read); > + word_desc_to_read = (WORD_DESC *)NULL; > + > ++ eol_ungetc_lookahead = 0; > ++ > + last_read_token = '\n'; > + token_to_read = '\n'; > + } > diff --git a/meta/recipes-extended/bash/bash_3.2.48.bb > b/meta/recipes-extended/bash/bash_3.2.48.bb index 5849ed0..e6a04cd 100644 > --- a/meta/recipes-extended/bash/bash_3.2.48.bb > +++ b/meta/recipes-extended/bash/bash_3.2.48.bb > @@ -13,6 +13,7 @@ SRC_URI = > "${GNU_MIRROR}/bash/bash-${PV}.tar.gz;name=tarball \ > file://build-tests.patch \ > file://test-output.patch \ > file://cve-2014-6271.patch;striplevel=0 \ > + file://cve-2014-7169.patch \ > file://run-ptest \ > "
Unfortunately these two only patch the 3.x version of the bash recipe, leaving the 4.x version unpatched. Cheers, Paul -- Paul Eggleton Intel Open Source Technology Centre -- _______________________________________________ Openembedded-core mailing list Openembedded-core@lists.openembedded.org http://lists.openembedded.org/mailman/listinfo/openembedded-core
