zsh: security bump to version 5.0.7

Fixes shellshock-alike exploits.

Install binary to /bin as all shells should be and add hash file.

[Peter: drop /bin/sh handling as we're going to handle it globally]
Signed-off-by: Gustavo Zacarias <gustavo@zacarias.com.ar>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>

diff --git a/package/zsh/Config.in b/package/zsh/Config.in
index 6853249b987b08221f6468b9df2ba84b27877760..261df4267816b7b7f571e0517d1a4647c841993f 100644 (file)
--- a/package/zsh/Config.in
+++ b/package/zsh/Config.in
@@ -8,4 +8,4 @@ config BR2_PACKAGE_ZSH
          ksh, and tcsh were incorporated into zsh; many original features
          were added.
 
-         http://zsh.sourceforge.net/
+         http://www.zsh.org/

diff --git a/package/zsh/zsh.hash b/package/zsh/zsh.hash
new file mode 100644 (file)
index 0000000..358033f
--- /dev/null
+++ b/package/zsh/zsh.hash
@@ -0,0 +1,2 @@
+# From http://www.zsh.org/pub/MD5SUM
+md5    76726ff50309e628de670476e0508b3a        zsh-5.0.7.tar.gz

diff --git a/package/zsh/zsh.mk b/package/zsh/zsh.mk
index f4daeeb39131de05160c517a663489ce1962014e..ffc567dc642f6af9cf3efc8af7ddc6c68d003b5f 100644 (file)
--- a/package/zsh/zsh.mk
+++ b/package/zsh/zsh.mk
@@ -4,10 +4,17 @@
 #
 ################################################################################
 
-ZSH_VERSION = 5.0.6
-ZSH_SITE = http://downloads.sourceforge.net/project/zsh/zsh/$(ZSH_VERSION)
+ZSH_VERSION = 5.0.7
+ZSH_SITE = http://www.zsh.org/pub
+ZSH_DEPENDENCIES = ncurses
+ZSH_CONF_OPTS = --bindir=/bin
 ZSH_LICENSE = MIT-like
 ZSH_LICENSE_FILES = LICENCE
-ZSH_DEPENDENCIES = ncurses
+
+# Remove versioned zsh-x.y.z binary taking up space
+define ZSH_TARGET_INSTALL_FIXUPS
+       rm -f $(TARGET_DIR)/bin/zsh-$(ZSH_VERSION)
+endef
+ZSH_POST_INSTALL_TARGET_HOOKS += ZSH_TARGET_INSTALL_FIXUPS
 
 $(eval $(autotools-package))