ports/core (3.1): [notify] bash: added patch for CVE-2014-7169 (incomplete CVE-2014-6271 patch)
commit b3112c50f9099f9aba764576f278ae8aa6384512 Author: Fredrik Rinnestam <fredrik@crux.nu> Date: Fri Sep 26 17:40:59 2014 +0200 [notify] bash: added patch for CVE-2014-7169 (incomplete CVE-2014-6271 patch) diff --git a/bash/.md5sum b/bash/.md5sum index 9e78cc7..cd32ccd 100644 --- a/bash/.md5sum +++ b/bash/.md5sum @@ -1,3 +1,4 @@ +ef372fa0f3a246a20f6c2b75d04eaee1 CVE-2014-7169.patch 0bb8bde611b03e32a010c6aa373fa2d4 bash-4.3.25.patch.gz 81348932d5da294953e15d4814c74dd1 bash-4.3.tar.gz be4c698ea8bb7d52eab2d6ce2c3fab8e profile diff --git a/bash/CVE-2014-7169.patch b/bash/CVE-2014-7169.patch new file mode 100644 index 0000000..e48141b --- /dev/null +++ b/bash/CVE-2014-7169.patch @@ -0,0 +1,60 @@ + BASH PATCH REPORT + ================= + +Bash-Release: 4.3 +Patch-ID: bash43-026 + +Bug-Reported-by: Tavis Ormandy <taviso () cmpxchg8b com> +Bug-Reference-ID: +Bug-Reference-URL: http://twitter.com/taviso/statuses/514887394294652929 + +Bug-Description: + +Under certain circumstances, bash can incorrectly save a lookahead character and +return it on a subsequent call, even when reading a new line. + +Patch (apply with `patch -p0'): + +*** ../bash-4.3.25/parse.y 2014-07-30 10:14:31.000000000 -0400 +--- parse.y 2014-09-25 20:20:21.000000000 -0400 +*************** +*** 2954,2957 **** +--- 2954,2959 ---- + word_desc_to_read = (WORD_DESC *)NULL; + ++ eol_ungetc_lookahead = 0; ++ + current_token = '\n'; /* XXX */ + last_read_token = '\n'; +*** ../bash-4.3.25/y.tab.c 2014-07-30 10:14:32.000000000 -0400 +--- y.tab.c 2014-09-25 20:21:48.000000000 -0400 +*************** +*** 5266,5269 **** +--- 5266,5271 ---- + word_desc_to_read = (WORD_DESC *)NULL; + ++ eol_ungetc_lookahead = 0; ++ + current_token = '\n'; /* XXX */ + last_read_token = '\n'; +*************** +*** 8540,8542 **** + } + #endif /* HANDLE_MULTIBYTE */ +- +--- 8542,8543 ---- +*** ../bash-4.3/patchlevel.h 2012-12-29 10:47:57.000000000 -0500 +--- patchlevel.h 2014-03-20 20:01:28.000000000 -0400 +*************** +*** 26,30 **** + looks for to find the patch level (for the sccs version string). */ + +! #define PATCHLEVEL 25 + + #endif /* _PATCHLEVEL_H_ */ +--- 26,30 ---- + looks for to find the patch level (for the sccs version string). */ + +! #define PATCHLEVEL 26 + + #endif /* _PATCHLEVEL_H_ */ diff --git a/bash/Pkgfile b/bash/Pkgfile index 776e459..45e8a91 100644 --- a/bash/Pkgfile +++ b/bash/Pkgfile @@ -5,15 +5,16 @@ name=bash version=4.3.25 -release=1 +release=2 source=(http://ftp.gnu.org/gnu/$name/$name-${version:0:3}.tar.gz \ - $name-$version.patch.gz profile) + $name-$version.patch.gz profile CVE-2014-7169.patch) build() { cd $name-${version:0:3} gunzip -c $SRC/$name-$version.patch.gz | patch -p0 - + patch -p0 -i $SRC/CVE-2014-7169.patch + ./configure --prefix=/usr \ --exec-prefix= \ --mandir=/usr/man \
participants (1)
-
crux@crux.nu