bash: Fix-for-CVE-2014-6278

This vulnerability exists because of an incomplete fix for CVE-2014-6271, CVE-2014-7169, and CVE-2014-6277 See: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6278 (From OE-Core daisy rev: de596b5f31e837dcd2ce991245eb5548f12d72ae) Signed-off-by: Catalin Popeanga <Catalin.Popeanga@enea.com> Signed-off-by: Paul Eggleton <paul.eggleton@linux.intel.com>
author: Catalin Popeanga <Catalin.Popeanga@enea.com> 2014-10-09 14:25:15 +0200
committer: Paul Eggleton <paul.eggleton@linux.intel.com> 2014-10-12 21:24:36 +0100
commit: 1e155330f6cf132997b91a7cfdfe7de319410566 (patch)
tree: 3618241e93b0bd242c295f72e82b7851495d60a2 /meta/recipes-extended/bash/bash_4.2.bb
parent: 5a802295d1f40af6f21dd3ed7e4549fe033f03a0 (diff)
download: openembedded-core-contrib-1e155330f6cf132997b91a7cfdfe7de319410566.tar.gz
1 files changed, 1 insertions, 0 deletions
diff --git a/meta/recipes-extended/bash/bash_4.2.bb b/meta/recipes-extended/bash/bash_4.2.bb
index 35af8128c3..e2d391d81c 100644
--- a/meta/recipes-extended/bash/bash_4.2.bb
+++ b/meta/recipes-extended/bash/bash_4.2.bb
@@ -26,6 +26,7 @@ SRC_URI = "${GNU_MIRROR}/bash/${BPN}-${PV}.tar.gz;name=tarball \
            file://Fix-for-bash-exported-function-namespace-change.patch;striplevel=0 \
            file://cve-2014-7186_cve-2014-7187.patch;striplevel=0 \
            file://cve-2014-6277.patch \
+           file://cve-2014-6278.patch;striplevel=0 \
            file://run-ptest \
            "
author	Catalin Popeanga <Catalin.Popeanga@enea.com>	2014-10-09 14:25:15 +0200
committer	Paul Eggleton <paul.eggleton@linux.intel.com>	2014-10-12 21:24:36 +0100
commit	1e155330f6cf132997b91a7cfdfe7de319410566 (patch)
tree	3618241e93b0bd242c295f72e82b7851495d60a2 /meta/recipes-extended/bash/bash_4.2.bb
parent	5a802295d1f40af6f21dd3ed7e4549fe033f03a0 (diff)
download	openembedded-core-contrib-1e155330f6cf132997b91a7cfdfe7de319410566.tar.gz