diff options
author | Mark Hatle <mark.hatle@windriver.com> | 2014-10-03 09:51:25 -0500 |
---|---|---|
committer | Richard Purdie <richard.purdie@linuxfoundation.org> | 2014-10-06 15:07:59 +0100 |
commit | 43deeff0c6b0ea7729d3e5f1887dfd1647dea1da (patch) | |
tree | c6a6c513d0a9c064b0a51b52c57589fdaf193de7 /meta/recipes-extended/bash/bash_3.2.48.bb | |
parent | b2c6a032d6e5deb07e76ed75fcd0931fad6a748c (diff) | |
download | openembedded-core-contrib-43deeff0c6b0ea7729d3e5f1887dfd1647dea1da.tar.gz |
bash: Upgrade bash to latest patch level to fix CVEs
We upgrade bash_4.3 to patch revision 29, and bash_3.2.48 to 56.
There are numerous community bug fixes included with this set, but the key
items are:
bash32-052 CVE-2014-6271 9/24/2014
bash32-053 CVE-2014-7169 9/26/2014
bash32-054 exported function namespace change 9/27/2014
bash32-055 CVE-2014-7186/CVE-2014-7187 10/1/2014
bash32-056 CVE-2014-6277 10/2/2014
bash43-025 CVE-2014-6271 9/24/2014
bash43-026 CVE-2014-7169 9/26/2014
bash43-027 exported function namespace change 9/27/2014
bash43-028 CVE-2014-7186/CVE-2014-7187 10/1/2014
bash43-029 CVE-2014-6277 10/2/2014
Signed-off-by: Mark Hatle <mark.hatle@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Diffstat (limited to 'meta/recipes-extended/bash/bash_3.2.48.bb')
-rw-r--r-- | meta/recipes-extended/bash/bash_3.2.48.bb | 38 |
1 files changed, 24 insertions, 14 deletions
diff --git a/meta/recipes-extended/bash/bash_3.2.48.bb b/meta/recipes-extended/bash/bash_3.2.48.bb index e6a04cd888..77f251409e 100644 --- a/meta/recipes-extended/bash/bash_3.2.48.bb +++ b/meta/recipes-extended/bash/bash_3.2.48.bb @@ -6,25 +6,35 @@ LIC_FILES_CHKSUM = "file://COPYING;md5=fd5d9bcabd8ed5a54a01ce8d183d592a" PR = "r11" SRC_URI = "${GNU_MIRROR}/bash/bash-${PV}.tar.gz;name=tarball \ - ${GNU_MIRROR}/bash/bash-3.2-patches/bash32-049;apply=yes;striplevel=0;name=patch001 \ - ${GNU_MIRROR}/bash/bash-3.2-patches/bash32-050;apply=yes;striplevel=0;name=patch002 \ - ${GNU_MIRROR}/bash/bash-3.2-patches/bash32-051;apply=yes;striplevel=0;name=patch003 \ + ${GNU_MIRROR}/bash/bash-3.2-patches/bash32-049;apply=yes;striplevel=0;name=patch049 \ + ${GNU_MIRROR}/bash/bash-3.2-patches/bash32-050;apply=yes;striplevel=0;name=patch050 \ + ${GNU_MIRROR}/bash/bash-3.2-patches/bash32-051;apply=yes;striplevel=0;name=patch051 \ + ${GNU_MIRROR}/bash/bash-3.2-patches/bash32-052;apply=yes;striplevel=0;name=patch052 \ + ${GNU_MIRROR}/bash/bash-3.2-patches/bash32-053;apply=yes;striplevel=0;name=patch053 \ + ${GNU_MIRROR}/bash/bash-3.2-patches/bash32-054;apply=yes;striplevel=0;name=patch054 \ + ${GNU_MIRROR}/bash/bash-3.2-patches/bash32-055;apply=yes;striplevel=0;name=patch055 \ + ${GNU_MIRROR}/bash/bash-3.2-patches/bash32-056;apply=yes;striplevel=0;name=patch056 \ file://mkbuiltins_have_stringize.patch \ file://build-tests.patch \ file://test-output.patch \ - file://cve-2014-6271.patch;striplevel=0 \ - file://cve-2014-7169.patch \ file://run-ptest \ " SRC_URI[tarball.md5sum] = "338dcf975a93640bb3eaa843ca42e3f8" SRC_URI[tarball.sha256sum] = "128d281bd5682ba5f6953122915da71976357d7a76490d266c9173b1d0426348" -SRC_URI[patch001.md5sum] = "af571a2d164d5abdcae4499e94e8892c" -SRC_URI[patch001.sha256sum] = "b1217ed94bdb95dc878fa5cabbf8a164435eb0d9da23a392198f48566ee34a2f" -SRC_URI[patch002.md5sum] = "8443d4385d73ec835abe401d90591377" -SRC_URI[patch002.sha256sum] = "081bb03c580ecee63ba03b40beb3caf509eca29515b2e8dd3c078503609a1642" -SRC_URI[patch003.md5sum] = "15c6653042e9814aa87120098fc7a849" -SRC_URI[patch003.sha256sum] = "354886097cd95b4def77028f32ee01e2e088d58a98184fede9d3ce9320e218ef" - -SRC_URI[md5sum] = "338dcf975a93640bb3eaa843ca42e3f8" -SRC_URI[sha256sum] = "128d281bd5682ba5f6953122915da71976357d7a76490d266c9173b1d0426348" +SRC_URI[patch049.md5sum] = "af571a2d164d5abdcae4499e94e8892c" +SRC_URI[patch049.sha256sum] = "b1217ed94bdb95dc878fa5cabbf8a164435eb0d9da23a392198f48566ee34a2f" +SRC_URI[patch050.md5sum] = "8443d4385d73ec835abe401d90591377" +SRC_URI[patch050.sha256sum] = "081bb03c580ecee63ba03b40beb3caf509eca29515b2e8dd3c078503609a1642" +SRC_URI[patch051.md5sum] = "15c6653042e9814aa87120098fc7a849" +SRC_URI[patch051.sha256sum] = "354886097cd95b4def77028f32ee01e2e088d58a98184fede9d3ce9320e218ef" +SRC_URI[patch052.md5sum] = "691023a944bbb9003cc92ad462d91fa1" +SRC_URI[patch052.sha256sum] = "a0eccf9ceda50871db10d21efdd74b99e35efbd55c970c400eeade012816bb61" +SRC_URI[patch053.md5sum] = "eb97d1c9230a55283d9dac69d3de2e46" +SRC_URI[patch053.sha256sum] = "fe6f0e96e0b966eaed9fb5e930ca12891f4380f30f9e0a773d200ff2063a864e" +SRC_URI[patch054.md5sum] = "1107744058c43b247f597584b88ba0a6" +SRC_URI[patch054.sha256sum] = "c6dab911e85688c542ce75afc175dbb4e5011de5102758e19a4a80dac1e79359" +SRC_URI[patch055.md5sum] = "05d201176d3499e2dfa4a73d09d42f05" +SRC_URI[patch055.sha256sum] = "c0e816700837942ed548da74e5917f74b70cbbbb10c9f2caf73e8e06a0713d0a" +SRC_URI[patch056.md5sum] = "222eaa3a2c26f54a15aa5e08817a534a" +SRC_URI[patch056.sha256sum] = "063a8d8d74e4407bf07a32b965b8ef6d213a66abdb6af26cc3584a437a56bbb4" |