mirror of
https://github.com/flatcar/scripts.git
synced 2025-08-20 05:51:18 +02:00
bash: function export hardening patch
Another day another bash version bump. This is the final version of the patch to add a special prefix and suffix to exported functions in the environment, preventing bugs similar to the previous two from becoming remotely exploitable. http://lists.gnu.org/archive/html/bug-bash/2014-09/msg00279.html There still remain two less significant memory-access issues, dubbed CVE-2014-7186 and CVE-2014-7187. So expect another bump soon. http://www.openwall.com/lists/oss-security/2014/09/25/32
This commit is contained in:
Michael Marineau
parent
2a1aa70606
commit
9eaacc58c6
@ -47,3 +47,5 @@ DIST bash42-045 1572 SHA256 ddb7eff0f59d394a483b09feec3771d9026f81ba90afac32846a
|
||||
DIST bash42-046 1988 SHA256 95c1323b68c0ecc0ca09565ef2d5218625ced3957b702e04c8bcaad9e7b3816d SHA512 7e4a9d3961cb8bf8559f82684cb75fe8600a377522f582e1a9537696ceccab32d15d1045f850ea91ea8bd2cf286d79412bb47460af26bec8486d5f3137f5d54f WHIRLPOOL 68d83498307dec79bea516c7e7b03dfdff10116a716922c780c66d9017abb38cf6b32f17674490fed93b2701d8271f71f4aaeab6712b184fe4d880b818fab988
|
||||
DIST bash42-047 1353 SHA256 c1979201d0345011c419a1c82407cd2a00c60a0c75b7f07e145d17f3718daf7a SHA512 0b43eefcc0ef3a55e309dff339db31a07849ce794e645d917f1836f48c71b84bdc50aa3315b3b2e33acef2e6e81a07f2a026cb43381d0f809c8271cc0a0699a0 WHIRLPOOL 5b2a3000dd72b4cd34f74ffcfe160fe891c8e55766913260207cdad0ed205843398ca9a261f41ef5d54c76782ae291809be0b78c3bb960ea84bb0676cdc6e263
|
||||
DIST bash42-048 3258 SHA256 751a5d2330b21ac9aba7323acbbc91c948285f30a4bb41f56796f9a36b983d24 SHA512 4218377052da8900ab6d49b855ae6f7779ad94e9e76daf3424240fbbb1bab37b929989b976ecc3ccbfb66f3c278a7ba546e5d34b214382b41767991945d960b4 WHIRLPOOL 16da3dfb42b1cbb50841e381428135a9d0439d30c519725bd52bf55093c618b7ca8983b4638749dc87d5893a20b4cc5546c1ef5141f62d78fad8ccd5b4261fe7
|
||||
DIST bash42-049 1159 SHA256 901cd74cdd9f3e9bb5cc907d563e3d4dcdf9d5f6a751e85b706a958f51bc510e SHA512 a0472af2c3bb30fb3ebf0217b34261aa586314a05fc19c959b4931dcd064e0a6a8b4e37f8b4a9dd13d8fff38822e32e12fb28f4fcb73b0f6dcf42827fa5aba05 WHIRLPOOL a34df0a257a3db06b887abbda2afa823b471e1ba705318822e98d4740ce41fe906edf2d91602bcbbf97f1202067086b33217824af7cf8f2f71c58fb4d6fd65eb
|
||||
DIST bash42-050 6650 SHA256 1a19b84455e83b46fcaa27759a5dd643dde2e11ceacd1e84e351970ea04d8ba6 SHA512 317a5f90d909a5db697025894b50f35f26f8293b3ce1ad9b8e9dc6d0661f277659c8cc0a70a113d3889b2de6e932e5af5ba89a427f32879c69d4e3db24e6a2a8 WHIRLPOOL 2d77d23cd0e2baa59f8024e3e09f9db48f0ab999157d9c6911c4893abcf6a3e320f8f1614049ebf2b7b9ff5da57041ef1fd1b873746a940cf720ca947ad75d43
|
||||
|
||||
@ -1,6 +1,6 @@
|
||||
# Copyright 1999-2014 Gentoo Foundation
|
||||
# Distributed under the terms of the GNU General Public License v2
|
||||
# $Header: /var/cvsroot/gentoo-x86/app-shells/bash/bash-4.2_p48-r1.ebuild,v 1.4 2014/09/25 11:02:20 armin76 Exp $
|
||||
# $Header: /var/cvsroot/gentoo-x86/app-shells/bash/bash-4.2_p50.ebuild,v 1.1 2014/09/28 16:52:30 polynomial-c Exp $
|
||||
|
||||
EAPI="4"
|
||||
|
||||
@ -8,8 +8,7 @@ inherit eutils flag-o-matic toolchain-funcs multilib
|
||||
|
||||
# Official patchlevel
|
||||
# See ftp://ftp.cwru.edu/pub/bash/bash-4.2-patches/
|
||||
#PLEVEL=${PV##*_p}
|
||||
PLEVEL=48
|
||||
PLEVEL=${PV##*_p}
|
||||
MY_PV=${PV/_p*}
|
||||
MY_PV=${MY_PV/_/-}
|
||||
MY_P=${PN}-${MY_PV}
|
||||
@ -35,7 +34,7 @@ SRC_URI="mirror://gnu/bash/${MY_P}.tar.gz $(patches)"
|
||||
|
||||
LICENSE="GPL-3"
|
||||
SLOT="0"
|
||||
KEYWORDS="alpha amd64 arm arm64 hppa ia64 m68k ~mips ppc ppc64 s390 sh sparc x86 ~amd64-fbsd ~sparc-fbsd ~x86-fbsd"
|
||||
KEYWORDS="~alpha amd64 ~arm ~arm64 ~hppa ~ia64 ~m68k ~mips ~ppc ~ppc64 ~s390 ~sh ~sparc ~x86 ~amd64-fbsd ~sparc-fbsd ~x86-fbsd"
|
||||
IUSE="afs bashlogger examples mem-scramble +net nls plugins +readline vanilla"
|
||||
|
||||
DEPEND=">=sys-libs/ncurses-5.2-r2
|
||||
@ -85,8 +84,6 @@ src_prepare() {
|
||||
if ! use vanilla ; then
|
||||
epatch "${FILESDIR}"/${PN}-4.2-speed-up-read-N.patch
|
||||
fi
|
||||
# proposed new release but not available for download yet
|
||||
epatch "${FILESDIR}"/${PN}-4.2-049.patch
|
||||
|
||||
epatch_user
|
||||
}
|
||||
@ -179,8 +176,8 @@ src_install() {
|
||||
fi
|
||||
sed -i \
|
||||
"${sed_args[@]}" \
|
||||
"${D}"/usr/share/skel/.bashrc \
|
||||
"${D}"/usr/share/bash/bashrc || die
|
||||
"${ED}"/usr/share/skel/.bashrc \
|
||||
"${ED}"/usr/share/bash/bashrc || die
|
||||
|
||||
if use plugins ; then
|
||||
exeinto /usr/$(get_libdir)/bash
|
||||
Loading…
x
Reference in New Issue
Block a user