summaryrefslogtreecommitdiffstats
path: root/package/bash/bash-4.2-022.patch
diff options
context:
space:
mode:
authorGustavo Zacarias <gustavo@zacarias.com.ar>2012-08-13 10:09:18 -0300
committerThomas Petazzoni <thomas.petazzoni@free-electrons.com>2012-08-24 23:47:56 +0200
commit8add5064c35f64fdf32d4f9b121b8f4c888ba1a2 (patch)
treee3c5d481b69714986d12b7d74a6515d2aef54453 /package/bash/bash-4.2-022.patch
parenta45b10baa71273eba6f9100e0e66eca5660a4062 (diff)
downloadbuildroot-novena-8add5064c35f64fdf32d4f9b121b8f4c888ba1a2.tar.gz
buildroot-novena-8add5064c35f64fdf32d4f9b121b8f4c888ba1a2.zip
bash: security bump to version 4.2 pl37
Bump bash to version 4.2 patchlevel 37. Fixes CVE-2012-3410. Signed-off-by: Gustavo Zacarias <gustavo@zacarias.com.ar> Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
Diffstat (limited to 'package/bash/bash-4.2-022.patch')
-rw-r--r--package/bash/bash-4.2-022.patch61
1 files changed, 61 insertions, 0 deletions
diff --git a/package/bash/bash-4.2-022.patch b/package/bash/bash-4.2-022.patch
new file mode 100644
index 000000000..cb0ac3f1c
--- /dev/null
+++ b/package/bash/bash-4.2-022.patch
@@ -0,0 +1,61 @@
+ BASH PATCH REPORT
+ =================
+
+Bash-Release: 4.2
+Patch-ID: bash42-022
+
+Bug-Reported-by: Gregory Margo <gmargo@pacbell.net>
+Bug-Reference-ID: <20110727174529.GA3333@pacbell.net>
+Bug-Reference-URL: http://lists.gnu.org/archive/html/bug-bash/2011-07/msg00102.html
+
+Bug-Description:
+
+The return value from lseek is `off_t'. This can cause corrupted return
+values when the file offset is greater than 2**31 - 1.
+
+Patch (apply with `patch -p0'):
+
+*** ../bash-4.2-patched/lib/sh/zread.c Mon Mar 2 08:54:45 2009
+--- ./lib/sh/zread.c Thu Jul 28 18:16:53 2011
+***************
+*** 161,166 ****
+ int fd;
+ {
+! off_t off;
+! int r;
+
+ off = lused - lind;
+--- 161,165 ----
+ int fd;
+ {
+! off_t off, r;
+
+ off = lused - lind;
+***************
+*** 169,173 ****
+ r = lseek (fd, -off, SEEK_CUR);
+
+! if (r >= 0)
+ lused = lind = 0;
+ }
+--- 168,172 ----
+ r = lseek (fd, -off, SEEK_CUR);
+
+! if (r != -1)
+ lused = lind = 0;
+ }
+*** ../bash-4.2-patched/patchlevel.h Sat Jun 12 20:14:48 2010
+--- ./patchlevel.h Thu Feb 24 21:41:34 2011
+***************
+*** 26,30 ****
+ looks for to find the patch level (for the sccs version string). */
+
+! #define PATCHLEVEL 21
+
+ #endif /* _PATCHLEVEL_H_ */
+--- 26,30 ----
+ looks for to find the patch level (for the sccs version string). */
+
+! #define PATCHLEVEL 22
+
+ #endif /* _PATCHLEVEL_H_ */