aboutsummaryrefslogtreecommitdiffstats
path: root/meta/recipes-extended/bash/bash_3.2.48.bb
AgeCommit message (Collapse)Author
2014-10-06bash: update and CVE-2014-6278 fixMark Hatle
Update both bash 3.2.48 (to 57), and bash 4.3 (to 30) to fix the remaining 'shellshock' security issues, CVE-2014-6278. Signed-off-by: Mark Hatle <mark.hatle@windriver.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
2014-10-06bash: Upgrade bash to latest patch level to fix CVEsMark Hatle
We upgrade bash_4.3 to patch revision 29, and bash_3.2.48 to 56. There are numerous community bug fixes included with this set, but the key items are: bash32-052 CVE-2014-6271 9/24/2014 bash32-053 CVE-2014-7169 9/26/2014 bash32-054 exported function namespace change 9/27/2014 bash32-055 CVE-2014-7186/CVE-2014-7187 10/1/2014 bash32-056 CVE-2014-6277 10/2/2014 bash43-025 CVE-2014-6271 9/24/2014 bash43-026 CVE-2014-7169 9/26/2014 bash43-027 exported function namespace change 9/27/2014 bash43-028 CVE-2014-7186/CVE-2014-7187 10/1/2014 bash43-029 CVE-2014-6277 10/2/2014 Signed-off-by: Mark Hatle <mark.hatle@windriver.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
2014-09-29bash: Fix CVE-2014-7169Khem Raj
This is a followup patch to incomplete CVE-2014-6271 fix code execution via specially-crafted environment Change-Id: Ibb0a587ee6e09b8174e92d005356e822ad40d4ed Signed-off-by: Khem Raj <raj.khem@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
2014-09-29bash: fix CVE-2014-6271Ross Burton
CVE-2014-6271 aka ShellShock. "GNU Bash through 4.3 processes trailing strings after function definitions in the values of environment variables, which allows remote attackers to execute arbitrary code via a crafted environment." Signed-off-by: Ross Burton <ross.burton@intel.com>
2013-07-25bash: Add ptestMuhammad Shakeel
ptest support was already added for v4.2 but for the distros using GPLv2 version of bash (3.2.48) this update is required. Signed-off-by: Muhammad Shakeel <muhammad_shakeel@mentor.com> Signed-off-by: Saul Wold <sgw@linux.intel.com>
2013-01-09bash: fix mkbuiltins build failureSaul Wold
Same patch for non-gplv3 version: http://git.yoctoproject.org/cgit/cgit.cgi/poky/commit/?id=1fd9a16d2a4594a4e9179dc7353ac51ce32eb712 [YOCTO #3646] Signed-off-by: Saul Wold <sgw@linux.intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
2012-09-24bash: Make it possible to run bash 3.2.48 instead of 4.2.Martin Ertsaas
bash-3.2.48 did not provide the linking from sh to bash, making it unusable. Moving the license part out of the bash.inc file, and into bash_4.2.bb file makes us able to use that file also for bash_3.2.48.bb, which makes maintaining both at the same time a lot easier. Signed-off-by: Martin Ertsaas <mertsas@cisco.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
2012-03-14PR bump for all recipes that DEPEND on ncursesScott Garman
The packaging changes to ncurses could break package feeds, so bump the PR on everythong that DEPENDS on ncurses. Signed-off-by: Scott Garman <scott.a.garman@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
2011-12-22bash: Add SRC_URI Checksums for GPLv2Saul Wold
Signed-off-by: Saul Wold <sgw@linux.intel.com>
2011-12-13bash: Add SRC_URI Checksums for GPLv2Saul Wold
Signed-off-by: Saul Wold <sgw@linux.intel.com>
2011-11-04bash: Ensure we fully reautoconf the recipes so site data is usedRichard Purdie
This ensures bug 487 (missing job control functionality) really gets fixed. [YOCTO #487] Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
2011-03-23Various: Switch to using GNU_MIRRORTom Rini
Signed-off-by: Tom Rini <tom_rini@mentor.com>
2011-02-12recipes: pre/post actionsMark Hatle
A number of the recipes did not properly label their pre and post actions, causing the actions to occur in all split packages. This was corrected by defaulting to _${PN} in most cases. Signed-off-by: Mark Hatle <mark.hatle@windriver.com>
2011-01-28bash: use /bin/bash as default shell when bash is includedKevin Tian
though bash is included in LSB profile, it doesn't use update-alternative to take effect and thus it's still busybox behaving as /bin/sh. Signed-off-by: Kevin Tian <kevin.tian@intel.com>
2010-08-27Major layout change to the packages directoryRichard Purdie
Having one monolithic packages directory makes it hard to find things and is generally overwhelming. This commit splits it into several logical sections roughly based on function, recipes.txt gives more information about the classifications used. The opportunity is also used to switch from "packages" to "recipes" as used in OpenEmbedded as the term "packages" can be confusing to people and has many different meanings. Not all recipes have been classified yet, this is just a first pass at separating things out. Some packages are moved to meta-extras as they're no longer actively used or maintained. Signed-off-by: Richard Purdie <rpurdie@linux.intel.com>
generated by cgit 1.2.3-korg (git 2.39.0) at 2024-05-20 22:17:45 +0000