projects / buildroot.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: a1071d7) | patch
bash: add upstream security fixes to patch level 12
authorPeter Korsgaard <peter@korsgaard.com>
Wed, 8 Feb 2017 08:12:03 +0000 (09:12 +0100)
committerPeter Korsgaard <peter@korsgaard.com>
Wed, 8 Feb 2017 08:46:13 +0000 (09:46 +0100)
commit54a94951231ce624cf6a2e297c806c1677efdeb8
tree907a5e278016f8ecdadfdc6bfa80984a3454a34etree
parenta1071d7169e00b805dbcdaec33082ad2365dfd23commit | diff
bash: add upstream security fixes to patch level 12

Fixes CVE-2017-5932 - Shell code execution on tab completion of specially
crafted files. For details, see the report:

https://github.com/jheyens/bash_completion_vuln/raw/master/2017-01-17.bash_completion_report.pdf

We unfortunately cannot easily download these because of the file names (not
ending in patch) and patch format (p0), so convert to p1 format and include
in package/bash with the following script:

for i in 06 07 08 09 10 11 12; do
cat > bash44-0$i.patch << EOF
>From https://ftp.gnu.org/gnu/bash/bash-4.4-patches/bash44-0$i

Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
EOF
curl https://ftp.gnu.org/gnu/bash/bash-4.4-patches/bash44-0$i | \
sed -e 's|^\*\*\* \.\./|*** |' -e 's|^--- |--- b/|' >> bash44-0$i.patch
done

Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
package/bash/bash44-006.patch [new file with mode: 0644] blob
package/bash/bash44-007.patch [new file with mode: 0644] blob
package/bash/bash44-008.patch [new file with mode: 0644] blob
package/bash/bash44-009.patch [new file with mode: 0644] blob
package/bash/bash44-010.patch [new file with mode: 0644] blob
package/bash/bash44-011.patch [new file with mode: 0644] blob
package/bash/bash44-012.patch [new file with mode: 0644] blob