]> code.ossystems Code Review - openembedded-core.git/commit
Code Review / openembedded-core.git / commit
? search:
summary | shortlog | log | commit | commitdiff | review | tree
(parent: 153d112) | patch
bash: Fix for CVE-2014-6277
authorCatalin Popeanga <Catalin.Popeanga@enea.com>
Thu, 9 Oct 2014 12:24:53 +0000 (14:24 +0200)
committerPaul Eggleton <paul.eggleton@linux.intel.com>
Fri, 10 Oct 2014 16:56:33 +0000 (17:56 +0100)
commit85961bcf81650992259cebb0ef1f1c6cdef3fefa
treeccaf004a34e671f00b24d2452f44ced060b9f9f2tree | snapshot
parent153d1125659df9e5c09e35a58bd51be184cb13c1commit | diff
bash: Fix for CVE-2014-6277

Follow up bash43-026 to parse properly function definitions in the values of environment variables, to not allow remote attackers to execute arbitrary code or to cause a denial of service.

See: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6277

Signed-off-by: Catalin Popeanga <Catalin.Popeanga@enea.com>
meta/recipes-extended/bash/bash-3.2.48/cve-2014-6277.patch [new file with mode: 0644] blob
meta/recipes-extended/bash/bash/cve-2014-6277.patch [new file with mode: 0644] blob
meta/recipes-extended/bash/bash_3.2.48.bb diff | blob | history
meta/recipes-extended/bash/bash_4.3.bb diff | blob | history
Mirror of the official openembedded-core repository