import bash-4.4.19-14.el8
This commit is contained in:
		
							parent
							
								
									b29a3bd7f6
								
							
						
					
					
						commit
						0bfb3e2a20
					
				
							
								
								
									
										95
									
								
								SOURCES/bash-5.0-bgp-resize.patch
									
									
									
									
									
										Normal file
									
								
							
							
						
						
									
										95
									
								
								SOURCES/bash-5.0-bgp-resize.patch
									
									
									
									
									
										Normal file
									
								
							| @ -0,0 +1,95 @@ | |||||||
|  | diff --git a/include/typemax.h b/include/typemax.h
 | ||||||
|  | --- a/include/typemax.h
 | ||||||
|  | +++ b/include/typemax.h
 | ||||||
|  | @@ -35,14 +35,23 @@
 | ||||||
|  |  #  define TYPE_SIGNED(t)	(! ((t) 0 < (t) -1)) | ||||||
|  |  #endif | ||||||
|  |   | ||||||
|  | +#ifndef TYPE_SIGNED_MAGNITUDE
 | ||||||
|  | +#  define TYPE_SIGNED_MAGNITUDE(t) ((t) ~ (t) 0 < (t) -1)
 | ||||||
|  | +#endif
 | ||||||
|  | +
 | ||||||
|  | +#ifndef TYPE_WIDTH
 | ||||||
|  | +#  define TYPE_WIDTH(t) (sizeof (t) * CHAR_BIT)
 | ||||||
|  | +#endif
 | ||||||
|  | +
 | ||||||
|  |  #ifndef TYPE_MINIMUM | ||||||
|  | -#  define TYPE_MINIMUM(t) ((t) (TYPE_SIGNED (t) \
 | ||||||
|  | -				? ~ (t) 0 << (sizeof (t) * CHAR_BIT - 1) \
 | ||||||
|  | -				: (t) 0))
 | ||||||
|  | +#  define TYPE_MINIMUM(t) ((t) ~ TYPE_MAXIMUM (t))
 | ||||||
|  |  #endif | ||||||
|  |   | ||||||
|  |  #ifndef TYPE_MAXIMUM | ||||||
|  | -#  define TYPE_MAXIMUM(t) ((t) (~ (t) 0 - TYPE_MINIMUM (t)))
 | ||||||
|  | +#  define TYPE_MAXIMUM(t)  \
 | ||||||
|  | +  ((t) (! TYPE_SIGNED (t) \
 | ||||||
|  | +        ? (t) -1 \
 | ||||||
|  | +        : ((((t) 1 << (TYPE_WIDTH (t) - 2)) - 1) * 2 + 1)))
 | ||||||
|  |  #endif | ||||||
|  |   | ||||||
|  |  #ifdef HAVE_LONG_LONG | ||||||
|  | diff --git a/jobs.c b/jobs.c
 | ||||||
|  | --- a/jobs.c
 | ||||||
|  | +++ b/jobs.c
 | ||||||
|  | @@ -72,6 +72,8 @@
 | ||||||
|  |  #include "execute_cmd.h" | ||||||
|  |  #include "flags.h" | ||||||
|  |   | ||||||
|  | +#include "typemax.h"
 | ||||||
|  | +
 | ||||||
|  |  #include "builtins/builtext.h" | ||||||
|  |  #include "builtins/common.h" | ||||||
|  |   | ||||||
|  | @@ -92,7 +94,7 @@ extern int killpg __P((pid_t, int));
 | ||||||
|  |  #endif | ||||||
|  |   | ||||||
|  |  #if !MAX_CHILD_MAX | ||||||
|  | -#  define MAX_CHILD_MAX 8192
 | ||||||
|  | +#  define MAX_CHILD_MAX 32768
 | ||||||
|  |  #endif | ||||||
|  |   | ||||||
|  |  #if !defined (DEBUG) | ||||||
|  | @@ -751,7 +753,7 @@ stop_pipeline (async, deferred)
 | ||||||
|  |  static void | ||||||
|  |  bgp_resize () | ||||||
|  |  { | ||||||
|  | -  ps_index_t nsize;
 | ||||||
|  | +  ps_index_t nsize, nsize_cur, nsize_max;
 | ||||||
|  |    ps_index_t psi; | ||||||
|  |   | ||||||
|  |    if (bgpids.nalloc == 0) | ||||||
|  | @@ -765,11 +767,20 @@ bgp_resize ()
 | ||||||
|  |    else | ||||||
|  |      nsize = bgpids.nalloc; | ||||||
|  |   | ||||||
|  | -  while (nsize < js.c_childmax)
 | ||||||
|  | -    nsize *= 2;
 | ||||||
|  | +  nsize_max = TYPE_MAXIMUM (ps_index_t);
 | ||||||
|  | +  nsize_cur = (ps_index_t)js.c_childmax;
 | ||||||
|  | +  if (nsize_cur < 0)				/* overflow */
 | ||||||
|  | +    nsize_cur = MAX_CHILD_MAX;
 | ||||||
|  |   | ||||||
|  | -  if (bgpids.nalloc < js.c_childmax)
 | ||||||
|  | -    {
 | ||||||
|  | +  while (nsize > 0 && nsize < nsize_cur)	/* > 0 should catch overflow */
 | ||||||
|  | +    nsize <<= 1;
 | ||||||
|  | +  if (nsize > nsize_max || nsize <= 0)		/* overflow? */
 | ||||||
|  | +    nsize = nsize_max;
 | ||||||
|  | +  if (nsize > MAX_CHILD_MAX)
 | ||||||
|  | +    nsize = nsize_max = MAX_CHILD_MAX;		/* hard cap */
 | ||||||
|  | +
 | ||||||
|  | +  if (bgpids.nalloc < nsize_cur && bgpids.nalloc < nsize_max)
 | ||||||
|  | +  {
 | ||||||
|  |        bgpids.storage = (struct pidstat *)xrealloc (bgpids.storage, nsize * sizeof (struct pidstat)); | ||||||
|  |   | ||||||
|  |        for (psi = bgpids.nalloc; psi < nsize; psi++) | ||||||
|  | @@ -787,7 +798,7 @@ bgp_getindex ()
 | ||||||
|  |  { | ||||||
|  |    ps_index_t psi; | ||||||
|  |   | ||||||
|  | -  if (bgpids.nalloc < js.c_childmax || bgpids.head >= bgpids.nalloc)
 | ||||||
|  | +  if (bgpids.nalloc < (ps_index_t)js.c_childmax || bgpids.head >= bgpids.nalloc)
 | ||||||
|  |      bgp_resize (); | ||||||
|  |   | ||||||
|  |    pshash_delindex (bgpids.head);		/* XXX - clear before reusing */ | ||||||
							
								
								
									
										41
									
								
								SOURCES/bash-5.0-cve-2019-18276-2.patch
									
									
									
									
									
										Normal file
									
								
							
							
						
						
									
										41
									
								
								SOURCES/bash-5.0-cve-2019-18276-2.patch
									
									
									
									
									
										Normal file
									
								
							| @ -0,0 +1,41 @@ | |||||||
|  | diff --git a/configure.ac b/configure.ac
 | ||||||
|  | index e5162c4..b82a33b 100644
 | ||||||
|  | --- a/configure.ac
 | ||||||
|  | +++ b/configure.ac
 | ||||||
|  | @@ -799,10 +799,13 @@ AC_CHECK_DECLS([confstr])
 | ||||||
|  |  AC_CHECK_DECLS([printf]) | ||||||
|  |  AC_CHECK_DECLS([sbrk]) | ||||||
|  |  AC_CHECK_DECLS([setregid]) | ||||||
|  | -AC_CHECK_DECLS[(setresuid, setresgid])
 | ||||||
|  | +dnl AC_CHECK_DECLS[(setresuid])
 | ||||||
|  | +dnl AC_CHECK_DECLS[(setresgid])
 | ||||||
|  |  AC_CHECK_DECLS([strcpy]) | ||||||
|  |  AC_CHECK_DECLS([strsignal]) | ||||||
|  |   | ||||||
|  | +AC_CHECK_FUNCS(setresuid setresgid)
 | ||||||
|  | +
 | ||||||
|  |  dnl Extra test to detect the horribly broken HP/UX 11.00 strtold(3) | ||||||
|  |  AC_CHECK_DECLS([strtold], [ | ||||||
|  |      AC_MSG_CHECKING([for broken strtold]) | ||||||
|  | diff --git a/shell.c b/shell.c
 | ||||||
|  | index 484d8a9..5c24922 100644
 | ||||||
|  | --- a/shell.c
 | ||||||
|  | +++ b/shell.c
 | ||||||
|  | @@ -1286,7 +1286,7 @@ disable_priv_mode ()
 | ||||||
|  |  { | ||||||
|  |    int e; | ||||||
|  |   | ||||||
|  | -#if HAVE_DECL_SETRESUID
 | ||||||
|  | +#if HAVE_SETRESUID
 | ||||||
|  |    if (setresuid (current_user.uid, current_user.uid, current_user.uid) < 0) | ||||||
|  |  #else | ||||||
|  |    if (setuid (current_user.uid) < 0) | ||||||
|  | @@ -1299,7 +1299,7 @@ disable_priv_mode ()
 | ||||||
|  |  	exit (e); | ||||||
|  |  #endif | ||||||
|  |      } | ||||||
|  | -#if HAVE_DECL_SETRESGID
 | ||||||
|  | +#if HAVE_SETRESGID
 | ||||||
|  |    if (setresgid (current_user.gid, current_user.gid, current_user.gid) < 0) | ||||||
|  |  #else | ||||||
|  |    if (setgid (current_user.gid) < 0) | ||||||
| @ -7,7 +7,7 @@ | |||||||
| Version: %{baseversion}%{patchleveltag} | Version: %{baseversion}%{patchleveltag} | ||||||
| Name: bash | Name: bash | ||||||
| Summary: The GNU Bourne Again shell | Summary: The GNU Bourne Again shell | ||||||
| Release: 12%{?dist} | Release: 14%{?dist} | ||||||
| License: GPLv3+ | License: GPLv3+ | ||||||
| Url: https://www.gnu.org/software/bash | Url: https://www.gnu.org/software/bash | ||||||
| Source0: https://ftp.gnu.org/gnu/bash/bash-%{baseversion}.tar.gz | Source0: https://ftp.gnu.org/gnu/bash/bash-%{baseversion}.tar.gz | ||||||
| @ -106,6 +106,11 @@ Patch134: bash-5.0-shellpid-subshell.patch | |||||||
| # 1793943 - CVE-2019-18276: when effective UID is not equal to its real UID the saved UID is | # 1793943 - CVE-2019-18276: when effective UID is not equal to its real UID the saved UID is | ||||||
| # not dropped | # not dropped | ||||||
| Patch135: bash-5.0-cve-2019-18276.patch | Patch135: bash-5.0-cve-2019-18276.patch | ||||||
|  | Patch136: bash-5.0-cve-2019-18276-2.patch | ||||||
|  | 
 | ||||||
|  | # 1890888 - Took long time to return when bash -c 'exit 2 & wait $!' run in the big size LimitNPROC | ||||||
|  | # values | ||||||
|  | Patch137: bash-5.0-bgp-resize.patch | ||||||
| 
 | 
 | ||||||
| BuildRequires: texinfo bison | BuildRequires: texinfo bison | ||||||
| BuildRequires: ncurses-devel | BuildRequires: ncurses-devel | ||||||
| @ -330,6 +335,14 @@ end | |||||||
| %{_libdir}/pkgconfig/%{name}.pc | %{_libdir}/pkgconfig/%{name}.pc | ||||||
| 
 | 
 | ||||||
| %changelog | %changelog | ||||||
|  | * Wed Nov 04 2020 Siteshwar Vashisht <svashisht@redhat.com> - 4.4.19-14 | ||||||
|  | - Fix hang when limit for nproc is very high | ||||||
|  |   Resolves: #1890888 | ||||||
|  | 
 | ||||||
|  | * Fri Oct 09 2020 Siteshwar Vashisht <svashisht@redhat.com> - 4.4.19-13 | ||||||
|  | - Correctly drop saved UID when effective UID is not equal to its real UID | ||||||
|  |   Resolves: #1793943 | ||||||
|  | 
 | ||||||
| * Mon Jun 22 2020 Siteshwar Vashisht <svashisht@redhat.com> - 4.4.19-12 | * Mon Jun 22 2020 Siteshwar Vashisht <svashisht@redhat.com> - 4.4.19-12 | ||||||
| - Avoid duplicating user path entries | - Avoid duplicating user path entries | ||||||
|   Resolves: #1667008 |   Resolves: #1667008 | ||||||
|  | |||||||
		Loading…
	
		Reference in New Issue
	
	Block a user