]> code.ossystems Code Review - openembedded-core.git/commit
Code Review / openembedded-core.git / commit
? search:
summary | shortlog | log | commit | commitdiff | review | tree
(parent: 32818a1) | patch
bash: Fix for CVE-2014-6277
authorCatalin Popeanga <Catalin.Popeanga@enea.com>
Thu, 9 Oct 2014 12:24:53 +0000 (14:24 +0200)
committerPaul Eggleton <paul.eggleton@linux.intel.com>
Sun, 12 Oct 2014 20:29:14 +0000 (21:29 +0100)
commitae653aed4c6b7d8075cd464edcd2e01237bfc105
treeaa134f8d93c3f94ec11c094c7c79df3b024db32dtree | snapshot
parent32818a104ae99a5795d91a2960d48d433d542deecommit | diff
bash: Fix for CVE-2014-6277

Follow up bash42-049 to parse properly function definitions in the
values of environment variables, to not allow remote attackers to
execute arbitrary code or to cause a denial of service.

See: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6277

(From OE-Core daisy rev: 85961bcf81650992259cebb0ef1f1c6cdef3fefa)

Signed-off-by: Catalin Popeanga <Catalin.Popeanga@enea.com>
Signed-off-by: Paul Eggleton <paul.eggleton@linux.intel.com>
meta/recipes-extended/bash/bash-3.2.48/cve-2014-6277.patch [new file with mode: 0644] blob
meta/recipes-extended/bash/bash-4.2/cve-2014-6277.patch [new file with mode: 0644] blob
meta/recipes-extended/bash/bash_3.2.48.bb diff | blob | history
meta/recipes-extended/bash/bash_4.2.bb diff | blob | history
Mirror of the official openembedded-core repository