rpms/bash
7
0
Fork 0
Code Issues Pull Requests Releases Activity

Patchlevel 25

Browse Source
This commit is contained in:
Ondrej Oprala 2014-09-25 22:21:38 +02:00
parent 73b56521ee
commit c7ac4c5328
4 changed files with 201 additions and 7 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

18
bash.spec
View File

@ -1,5 +1,5 @@
#% define beta_tag rc2 #% define beta_tag rc2
%define patchleveltag .22 %define patchleveltag .25
%define baseversion 4.3 %define baseversion 4.3
%bcond_without tests %bcond_without tests
%{!?_pkgdocdir: %global _pkgdocdir %{_docdir}/%{name}-%{version}} %{!?_pkgdocdir: %global _pkgdocdir %{_docdir}/%{name}-%{version}}
@ -7,7 +7,7 @@
Version: %{baseversion}%{patchleveltag} Version: %{baseversion}%{patchleveltag}
Name: bash Name: bash
Summary: The GNU Bourne Again shell Summary: The GNU Bourne Again shell
Release: 3%{?dist} Release: 1%{?dist}
Group: System Environment/Shells Group: System Environment/Shells
License: GPLv3+ License: GPLv3+
Url: http://www.gnu.org/software/bash Url: http://www.gnu.org/software/bash
@ -43,6 +43,9 @@ Patch019: ftp://ftp.gnu.org/gnu/bash/bash-4.3-patches/bash43-019
Patch020: ftp://ftp.gnu.org/gnu/bash/bash-4.3-patches/bash43-020 Patch020: ftp://ftp.gnu.org/gnu/bash/bash-4.3-patches/bash43-020
Patch021: ftp://ftp.gnu.org/gnu/bash/bash-4.3-patches/bash43-021 Patch021: ftp://ftp.gnu.org/gnu/bash/bash-4.3-patches/bash43-021
Patch022: ftp://ftp.gnu.org/gnu/bash/bash-4.3-patches/bash43-022 Patch022: ftp://ftp.gnu.org/gnu/bash/bash-4.3-patches/bash43-022
Patch023: ftp://ftp.gnu.org/gnu/bash/bash-4.3-patches/bash43-023
Patch024: ftp://ftp.gnu.org/gnu/bash/bash-4.3-patches/bash43-024
Patch025: ftp://ftp.gnu.org/gnu/bash/bash-4.3-patches/bash43-025
# Other patches # Other patches
Patch101: bash-2.02-security.patch Patch101: bash-2.02-security.patch
@ -94,15 +97,12 @@ Patch127: bash-4.2-trap.patch
Patch128: bash-4.3-man-ulimit.patch Patch128: bash-4.3-man-ulimit.patch
# A series of patches emitted by upstream since 4.3-18 # A series of patches emitted by upstream since 4.3-18
Patch129: bash-4.3-array-element.patch
Patch131: bash-4.3-parse-time-keyword.patch Patch131: bash-4.3-parse-time-keyword.patch
Patch134: bash-4.3-pathexp-globignore-delim.patch Patch134: bash-4.3-pathexp-globignore-delim.patch
# 1102815 - fix double echoes in vi visual mode # 1102815 - fix double echoes in vi visual mode
Patch135: bash-4.3-noecho.patch Patch135: bash-4.3-noecho.patch
Patch136: bash-4.3-cve-2014-6271.patch
BuildRequires: texinfo bison BuildRequires: texinfo bison
BuildRequires: ncurses-devel BuildRequires: ncurses-devel
BuildRequires: autoconf, gettext BuildRequires: autoconf, gettext
@ -151,6 +151,9 @@ This package contains documentation files for %{name}.
%patch020 -p0 -b .020 %patch020 -p0 -b .020
%patch021 -p0 -b .021 %patch021 -p0 -b .021
%patch022 -p0 -b .022 %patch022 -p0 -b .022
%patch023 -p0 -b .023
%patch024 -p0 -b .024
%patch025 -p0 -b .025
# Other patches # Other patches
%patch101 -p1 -b .security %patch101 -p1 -b .security
@ -178,11 +181,9 @@ This package contains documentation files for %{name}.
%patch123 -p1 %patch123 -p1
%patch125 -p1 -b .size_type %patch125 -p1 -b .size_type
%patch128 -p1 -b .ulimit %patch128 -p1 -b .ulimit
%patch129 -p1 -b .element
%patch131 -p0 -b .keyword %patch131 -p0 -b .keyword
%patch134 -p0 -b .delim %patch134 -p0 -b .delim
%patch135 -p1 -b .noecho %patch135 -p1 -b .noecho
%patch136 -p0 -b .6271
echo %{version} > _distribution echo %{version} > _distribution
echo %{release} > _patchlevel echo %{release} > _patchlevel
@ -378,6 +379,9 @@ end
%doc doc/*.ps doc/*.0 doc/*.html doc/article.txt %doc doc/*.ps doc/*.0 doc/*.html doc/article.txt
%changelog %changelog
* Thu Sep 25 2014 Ondrej Oprala <ooprala@redhat.com> - 4.3.25-1
- Patchlevel 25
* Wed Sep 24 2014 Ondrej Oprala <ooprala@redhat.com> - 4.3.22-3 * Wed Sep 24 2014 Ondrej Oprala <ooprala@redhat.com> - 4.3.22-3
- Inhibit code injection - patch by Stephane Chazelas - Inhibit code injection - patch by Stephane Chazelas

104
bash43-023 Normal file
View File

@ -0,0 +1,104 @@
BASH PATCH REPORT
=================
Bash-Release: 4.3
Patch-ID: bash43-023
Bug-Reported-by: Tim Friske <me@timfriske.com>
Bug-Reference-ID: <CAM1RzOcOR9zzC2i+aeES6LtbHNHoOV+0pZEYPrqxv_QAii-RXA@mail.gmail.com>
Bug-Reference-URL: http://lists.gnu.org/archive/html/bug-bash/2014-06/msg00056.html
Bug-Description:
Bash does not correctly parse process substitution constructs that contain
unbalanced parentheses as part of the contained command.
Patch (apply with `patch -p0'):
*** ../bash-4.3-patched/subst.h 2014-01-11 21:02:27.000000000 -0500
--- subst.h 2014-07-20 17:25:01.000000000 -0400
***************
*** 83,87 ****
Start extracting at (SINDEX) as if we had just seen "<(".
Make (SINDEX) get the position just after the matching ")". */
! extern char *extract_process_subst __P((char *, char *, int *));
#endif /* PROCESS_SUBSTITUTION */
--- 83,87 ----
Start extracting at (SINDEX) as if we had just seen "<(".
Make (SINDEX) get the position just after the matching ")". */
! extern char *extract_process_subst __P((char *, char *, int *, int));
#endif /* PROCESS_SUBSTITUTION */
*** ../bash-4.3-patched/subst.c 2014-05-15 08:26:45.000000000 -0400
--- subst.c 2014-07-20 17:26:44.000000000 -0400
***************
*** 1193,1202 ****
Make (SINDEX) get the position of the matching ")". */ /*))*/
char *
! extract_process_subst (string, starter, sindex)
char *string;
char *starter;
int *sindex;
{
return (extract_delimited_string (string, sindex, starter, "(", ")", SX_COMMAND));
}
#endif /* PROCESS_SUBSTITUTION */
--- 1193,1208 ----
Make (SINDEX) get the position of the matching ")". */ /*))*/
char *
! extract_process_subst (string, starter, sindex, xflags)
char *string;
char *starter;
int *sindex;
+ int xflags;
{
+ #if 0
return (extract_delimited_string (string, sindex, starter, "(", ")", SX_COMMAND));
+ #else
+ xflags |= (no_longjmp_on_fatal_error ? SX_NOLONGJMP : 0);
+ return (xparse_dolparen (string, string+*sindex, sindex, xflags));
+ #endif
}
#endif /* PROCESS_SUBSTITUTION */
***************
*** 1786,1790 ****
if (string[si] == '\0')
CQ_RETURN(si);
! temp = extract_process_subst (string, (c == '<') ? "<(" : ">(", &si);
free (temp); /* no SX_ALLOC here */
i = si;
--- 1792,1796 ----
if (string[si] == '\0')
CQ_RETURN(si);
! temp = extract_process_subst (string, (c == '<') ? "<(" : ">(", &si, 0);
free (temp); /* no SX_ALLOC here */
i = si;
***************
*** 8250,8254 ****
t_index = sindex + 1; /* skip past both '<' and LPAREN */
! temp1 = extract_process_subst (string, (c == '<') ? "<(" : ">(", &t_index); /*))*/
sindex = t_index;
--- 8256,8260 ----
t_index = sindex + 1; /* skip past both '<' and LPAREN */
! temp1 = extract_process_subst (string, (c == '<') ? "<(" : ">(", &t_index, 0); /*))*/
sindex = t_index;
*** ../bash-4.3/patchlevel.h 2012-12-29 10:47:57.000000000 -0500
--- patchlevel.h 2014-03-20 20:01:28.000000000 -0400
***************
*** 26,30 ****
looks for to find the patch level (for the sccs version string). */
! #define PATCHLEVEL 22
#endif /* _PATCHLEVEL_H_ */
--- 26,30 ----
looks for to find the patch level (for the sccs version string). */
! #define PATCHLEVEL 23
#endif /* _PATCHLEVEL_H_ */

54
bash43-024 Normal file
View File

@ -0,0 +1,54 @@
BASH PATCH REPORT
=================
Bash-Release: 4.3
Patch-ID: bash43-024
Bug-Reported-by: Corentin Peuvrel <cpeuvrel@pom-monitoring.com>
Bug-Reference-ID: <53CE9E5D.6050203@pom-monitoring.com>
Bug-Reference-URL: http://lists.gnu.org/archive/html/bug-bash/2014-07/msg00021.html
Bug-Description:
Indirect variable references do not work correctly if the reference
variable expands to an array reference using a subscript other than 0
(e.g., foo='bar[1]' ; echo ${!foo}).
Patch (apply with `patch -p0'):
*** ../bash-4.3-patched/subst.c 2014-06-03 09:32:44.000000000 -0400
--- subst.c 2014-07-23 09:58:19.000000000 -0400
***************
*** 7375,7379 ****
if (want_indir)
! tdesc = parameter_brace_expand_indir (name + 1, var_is_special, quoted, quoted_dollar_atp, contains_dollar_at);
else
tdesc = parameter_brace_expand_word (name, var_is_special, quoted, PF_IGNUNBOUND|(pflags&(PF_NOSPLIT2|PF_ASSIGNRHS)), &ind);
--- 7445,7455 ----
if (want_indir)
! {
! tdesc = parameter_brace_expand_indir (name + 1, var_is_special, quoted, quoted_dollar_atp, contains_dollar_at);
! /* Turn off the W_ARRAYIND flag because there is no way for this function
! to return the index we're supposed to be using. */
! if (tdesc && tdesc->flags)
! tdesc->flags &= ~W_ARRAYIND;
! }
else
tdesc = parameter_brace_expand_word (name, var_is_special, quoted, PF_IGNUNBOUND|(pflags&(PF_NOSPLIT2|PF_ASSIGNRHS)), &ind);
*** ../bash-4.3/patchlevel.h 2012-12-29 10:47:57.000000000 -0500
--- patchlevel.h 2014-03-20 20:01:28.000000000 -0400
***************
*** 26,30 ****
looks for to find the patch level (for the sccs version string). */
! #define PATCHLEVEL 23
#endif /* _PATCHLEVEL_H_ */
--- 26,30 ----
looks for to find the patch level (for the sccs version string). */
! #define PATCHLEVEL 24
#endif /* _PATCHLEVEL_H_ */

32
bash-4.3-cve-2014-6271.patch → bash43-025
View File

@ -1,3 +1,20 @@
BASH PATCH REPORT
=================
Bash-Release: 4.3
Patch-ID: bash43-025
Bug-Reported-by: Stephane Chazelas <stephane.chazelas@gmail.com>
Bug-Reference-ID:
Bug-Reference-URL:
Bug-Description:
Under certain circumstances, bash will execute user code while processing the
environment for exported function definitions.
Patch (apply with `patch -p0'):
*** ../bash-4.3-patched/builtins/common.h 2013-07-08 16:54:47.000000000 -0400 *** ../bash-4.3-patched/builtins/common.h 2013-07-08 16:54:47.000000000 -0400
--- builtins/common.h 2014-09-12 14:25:47.000000000 -0400 --- builtins/common.h 2014-09-12 14:25:47.000000000 -0400
*************** ***************
@ -89,3 +106,18 @@
! else if ((var = find_variable_last_nameref (temp1)) && var_isset (var) && invisible_p (var) == 0) ! else if ((var = find_variable_last_nameref (temp1)) && var_isset (var) && invisible_p (var) == 0)
{ {
temp = nameref_cell (var); temp = nameref_cell (var);
*** ../bash-4.3/patchlevel.h 2012-12-29 10:47:57.000000000 -0500
--- patchlevel.h 2014-03-20 20:01:28.000000000 -0400
***************
*** 26,30 ****
looks for to find the patch level (for the sccs version string). */
! #define PATCHLEVEL 24
#endif /* _PATCHLEVEL_H_ */
--- 26,30 ----
looks for to find the patch level (for the sccs version string). */
! #define PATCHLEVEL 25
#endif /* _PATCHLEVEL_H_ */