RedHat's patchlevel 28
parent
5b43730222
commit
c6c0cde02b
@ -1,12 +0,0 @@
|
||||
*** ../bash-20140912/parse.y 2014-08-26 15:09:42.000000000 -0400
|
||||
--- parse.y 2014-09-24 22:47:28.000000000 -0400
|
||||
***************
|
||||
*** 2959,2962 ****
|
||||
--- 2959,2964 ----
|
||||
word_desc_to_read = (WORD_DESC *)NULL;
|
||||
|
||||
+ eol_ungetc_lookahead = 0;
|
||||
+
|
||||
current_token = '\n'; /* XXX */
|
||||
last_read_token = '\n';
|
||||
|
31
bash.spec
31
bash.spec
@ -1,5 +1,5 @@
|
||||
#% define beta_tag rc2
|
||||
%define patchleveltag .25
|
||||
%define patchleveltag .28
|
||||
%define baseversion 4.3
|
||||
%bcond_without tests
|
||||
%{!?_pkgdocdir: %global _pkgdocdir %{_docdir}/%{name}-%{version}}
|
||||
@ -7,7 +7,7 @@
|
||||
Version: %{baseversion}%{patchleveltag}
|
||||
Name: bash
|
||||
Summary: The GNU Bourne Again shell
|
||||
Release: 2%{?dist}
|
||||
Release: 1%{?dist}
|
||||
Group: System Environment/Shells
|
||||
License: GPLv3+
|
||||
Url: http://www.gnu.org/software/bash
|
||||
@ -46,6 +46,18 @@ Patch022: ftp://ftp.gnu.org/gnu/bash/bash-4.3-patches/bash43-022
|
||||
Patch023: ftp://ftp.gnu.org/gnu/bash/bash-4.3-patches/bash43-023
|
||||
Patch024: ftp://ftp.gnu.org/gnu/bash/bash-4.3-patches/bash43-024
|
||||
Patch025: ftp://ftp.gnu.org/gnu/bash/bash-4.3-patches/bash43-025
|
||||
Patch026: ftp://ftp.gnu.org/gnu/bash/bash-4.3-patches/bash43-026
|
||||
|
||||
# 1146326 - cve-2014-7169
|
||||
# we want to keep these patches from Florian Weimer
|
||||
# instead of the official ones, to match the ()/%%
|
||||
# detail we already have applied across RHELs and not to
|
||||
# create incompatibilities in the future
|
||||
#patchlevel 27
|
||||
Patch027: bash-4.2-cve-2014-7169-1.patch
|
||||
#patchlevel 28
|
||||
Patch028: bash-4.2-cve-2014-7169-2.patch
|
||||
|
||||
|
||||
# Other patches
|
||||
Patch101: bash-2.02-security.patch
|
||||
@ -103,12 +115,6 @@ Patch134: bash-4.3-pathexp-globignore-delim.patch
|
||||
# 1102815 - fix double echoes in vi visual mode
|
||||
Patch135: bash-4.3-noecho.patch
|
||||
|
||||
# 1146319 - cve-2014-7169
|
||||
|
||||
Patch136: bash-4.2-cve-2014-7169-0.patch
|
||||
Patch137: bash-4.2-cve-2014-7169-1.patch
|
||||
Patch138: bash-4.2-cve-2014-7169-2.patch
|
||||
|
||||
BuildRequires: texinfo bison
|
||||
BuildRequires: ncurses-devel
|
||||
BuildRequires: autoconf, gettext
|
||||
@ -160,6 +166,9 @@ This package contains documentation files for %{name}.
|
||||
%patch023 -p0 -b .023
|
||||
%patch024 -p0 -b .024
|
||||
%patch025 -p0 -b .025
|
||||
%patch026 -p0 -b .026
|
||||
%patch027 -p0 -b .7169-1
|
||||
%patch028 -p0 -b .7169-2
|
||||
|
||||
# Other patches
|
||||
%patch101 -p1 -b .security
|
||||
@ -190,9 +199,6 @@ This package contains documentation files for %{name}.
|
||||
%patch131 -p0 -b .keyword
|
||||
%patch134 -p0 -b .delim
|
||||
%patch135 -p1 -b .noecho
|
||||
%patch136 -p0 -b .7169-0
|
||||
%patch137 -p0 -b .7169-1
|
||||
%patch138 -p0 -b .7169-2
|
||||
|
||||
echo %{version} > _distribution
|
||||
echo %{release} > _patchlevel
|
||||
@ -388,6 +394,9 @@ end
|
||||
%doc doc/*.ps doc/*.0 doc/*.html doc/article.txt
|
||||
|
||||
%changelog
|
||||
* Mon Oct 06 2014 Ondrej Oprala <ooprala@redhat.com> - 4.3.28-1
|
||||
- RedHat's patchlevel 28
|
||||
|
||||
* Thu Sep 25 2014 Ondrej Oprala <ooprala@redhat.com> - 4.3.25-2
|
||||
- CVE-2014-7169
|
||||
Resolves: #1146319
|
||||
|
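Review bot: The new `%changelog` entry `- RedHat's patchlevel 28` names neither the CVE nor a bug number, although this update is where the CVE-2014-7169 fixes become `Patch027`/`Patch028` and the local `-0` patch gives way to upstream `bash43-026`. I would write it as `- RedHat's patchlevel 28 (CVE-2014-7169)` followed by a `Resolves:` line, so that a changelog-based audit of the package finds the fix. The comment above `Patch027` cites 1146326 while the earlier entry resolves #1146319; if the two numbers are intentional, a short remark in that comment would avoid confusion. Separately, `%define patchleveltag .28` is set while `Patch027`/`Patch028` are the downstream `bash-4.2-cve-2014-7169-*.patch` files, and the vendored `bash43-026` only raises `PATCHLEVEL` to 26. If those downstream patches do not also bump `patchlevel.h` (their contents are not visible here), `bash --version` will report a lower patch level than the RPM version, which deserves a comment next to `patchleveltag` for anyone matching versions during vulnerability triage.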
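--- a/bash43-026
+++ b/bash43-026
@@ -0,0 +1,60 @@
+BASH PATCH REPORT
+=================
+
+Bash-Release: 4.3
+Patch-ID: bash43-026
+
+Bug-Reported-by: Tavis Ormandy <taviso@cmpxchg8b.com>
+Bug-Reference-ID:
+Bug-Reference-URL: http://twitter.com/taviso/statuses/514887394294652929
+
+Bug-Description:
+
+Under certain circumstances, bash can incorrectly save a lookahead character and
+return it on a subsequent call, even when reading a new line.
+
+Patch (apply with `patch -p0'):
+
+*** ../bash-4.3.25/parse.y 2014-07-30 10:14:31.000000000 -0400
+--- parse.y 2014-09-25 20:20:21.000000000 -0400
+***************
+*** 2954,2957 ****
+--- 2954,2959 ----
+word_desc_to_read = (WORD_DESC *)NULL;
+
++ eol_ungetc_lookahead = 0;
++
+current_token = '\n'; /* XXX */
+last_read_token = '\n';
+*** ../bash-4.3.25/y.tab.c 2014-07-30 10:14:32.000000000 -0400
+--- y.tab.c 2014-09-25 20:21:48.000000000 -0400
+***************
+*** 5266,5269 ****
+--- 5266,5271 ----
+word_desc_to_read = (WORD_DESC *)NULL;
+
++ eol_ungetc_lookahead = 0;
++
+current_token = '\n'; /* XXX */
+last_read_token = '\n';
+***************
+*** 8540,8542 ****
+}
+#endif /* HANDLE_MULTIBYTE */
+-
+--- 8542,8543 ----
+*** ../bash-4.3/patchlevel.h 2012-12-29 10:47:57.000000000 -0500
+--- patchlevel.h 2014-03-20 20:01:28.000000000 -0400
+***************
+*** 26,30 ****
+looks for to find the patch level (for the sccs version string). */
+
+! #define PATCHLEVEL 25
+
+#endif /* _PATCHLEVEL_H_ */
+--- 26,30 ----
+looks for to find the patch level (for the sccs version string). */
+
+! #define PATCHLEVEL 26
+
+#endif /* _PATCHLEVEL_H_ */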