]> code.ossystems Code Review - openembedded-core.git/commit
Code Review / openembedded-core.git / commit
? search:
summary | shortlog | log | commit | commitdiff | review | tree
(parent: bdfe1e3) | patch
bash: Fix for CVE-2014-6277
authorCatalin Popeanga <Catalin.Popeanga@enea.com>
Thu, 9 Oct 2014 12:24:53 +0000 (14:24 +0200)
committerPaul Eggleton <paul.eggleton@linux.intel.com>
Sun, 12 Oct 2014 20:24:36 +0000 (21:24 +0100)
commit5a802295d1f40af6f21dd3ed7e4549fe033f03a0
treeab199cf62649ecd8c72eb461ab147e5bd429b29atree | snapshot
parentbdfe1e3770aeee9a1a7c65d4834f1a99820d3140commit | diff
bash: Fix for CVE-2014-6277

Follow up bash42-049 to parse properly function definitions in the
values of environment variables, to not allow remote attackers to
execute arbitrary code or to cause a denial of service.

See: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6277

(From OE-Core daisy rev: 85961bcf81650992259cebb0ef1f1c6cdef3fefa)

Signed-off-by: Catalin Popeanga <Catalin.Popeanga@enea.com>
Signed-off-by: Paul Eggleton <paul.eggleton@linux.intel.com>
meta/recipes-extended/bash/bash-3.2.48/cve-2014-6277.patch [new file with mode: 0644] blob
meta/recipes-extended/bash/bash-4.2/cve-2014-6277.patch [new file with mode: 0644] blob
meta/recipes-extended/bash/bash_3.2.48.bb diff | blob | history
meta/recipes-extended/bash/bash_4.2.bb diff | blob | history
Mirror of the official openembedded-core repository