aboutsummaryrefslogtreecommitdiffstats
path: root/meta/recipes-extended/bash/bash_3.2.48.bb
diff options
context:
space:
mode:
authorCatalin Popeanga <Catalin.Popeanga@enea.com>2014-10-09 14:24:53 +0200
committerPaul Eggleton <paul.eggleton@linux.intel.com>2014-10-12 21:29:14 +0100
commitae653aed4c6b7d8075cd464edcd2e01237bfc105 (patch)
treeaa134f8d93c3f94ec11c094c7c79df3b024db32d /meta/recipes-extended/bash/bash_3.2.48.bb
parent32818a104ae99a5795d91a2960d48d433d542dee (diff)
downloadopenembedded-core-ae653aed4c6b7d8075cd464edcd2e01237bfc105.tar.gz
bash: Fix for CVE-2014-6277
Follow up bash42-049 to parse properly function definitions in the values of environment variables, to not allow remote attackers to execute arbitrary code or to cause a denial of service. See: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6277 (From OE-Core daisy rev: 85961bcf81650992259cebb0ef1f1c6cdef3fefa) Signed-off-by: Catalin Popeanga <Catalin.Popeanga@enea.com> Signed-off-by: Paul Eggleton <paul.eggleton@linux.intel.com>
Diffstat (limited to 'meta/recipes-extended/bash/bash_3.2.48.bb')
-rw-r--r--meta/recipes-extended/bash/bash_3.2.48.bb1
1 files changed, 1 insertions, 0 deletions
diff --git a/meta/recipes-extended/bash/bash_3.2.48.bb b/meta/recipes-extended/bash/bash_3.2.48.bb
index f50bc636af..82816fdebc 100644
--- a/meta/recipes-extended/bash/bash_3.2.48.bb
+++ b/meta/recipes-extended/bash/bash_3.2.48.bb
@@ -14,6 +14,7 @@ SRC_URI = "${GNU_MIRROR}/bash/bash-${PV}.tar.gz;name=tarball \
file://cve-2014-7169.patch \
file://Fix-for-bash-exported-function-namespace-change.patch \
file://cve-2014-7186_cve-2014-7187.patch \
+ file://cve-2014-6277.patch \
"
SRC_URI[tarball.md5sum] = "338dcf975a93640bb3eaa843ca42e3f8"
generated by cgit 1.2.3-korg (git 2.39.0) at 2024-04-16 11:41:22 +0000