From 8add5064c35f64fdf32d4f9b121b8f4c888ba1a2 Mon Sep 17 00:00:00 2001 From: Gustavo Zacarias Date: Mon, 13 Aug 2012 10:09:18 -0300 Subject: bash: security bump to version 4.2 pl37 Bump bash to version 4.2 patchlevel 37. Fixes CVE-2012-3410. Signed-off-by: Gustavo Zacarias Signed-off-by: Thomas Petazzoni --- package/bash/bash-4.2-024.patch | 45 +++++++++++++++++++++++++++++++++++++++++ 1 file changed, 45 insertions(+) create mode 100644 package/bash/bash-4.2-024.patch (limited to 'package/bash/bash-4.2-024.patch') diff --git a/package/bash/bash-4.2-024.patch b/package/bash/bash-4.2-024.patch new file mode 100644 index 000000000..6ee6d8fbe --- /dev/null +++ b/package/bash/bash-4.2-024.patch @@ -0,0 +1,45 @@ + BASH PATCH REPORT + ================= + +Bash-Release: 4.2 +Patch-ID: bash42-024 + +Bug-Reported-by: Jim Avera +Bug-Reference-ID: <4F29E07A.80405@yahoo.com> +Bug-Reference-URL: http://lists.gnu.org/archive/html/bug-bash/2012-02/msg00001.html + +Bug-Description: + +When `printf -v' is used to set an array element, the format string contains +`%b', and the corresponding argument is the empty string, the buffer used +to store the value to be assigned can be NULL, which results in NUL being +assigned to the array element. This causes a seg fault when it's used later. + +Patch (apply with `patch -p0'): + +*** ../bash-4.2-patched/builtins/printf.def 2011-02-25 12:07:41.000000000 -0500 +--- ./builtins/printf.def 2012-02-02 08:37:12.000000000 -0500 +*************** +*** 256,259 **** +--- 257,262 ---- + { + vflag = 1; ++ if (vbsize == 0) ++ vbuf = xmalloc (vbsize = 16); + vblen = 0; + if (vbuf) +*** ../bash-4.2-patched/patchlevel.h Sat Jun 12 20:14:48 2010 +--- ./patchlevel.h Thu Feb 24 21:41:34 2011 +*************** +*** 26,30 **** + looks for to find the patch level (for the sccs version string). */ + +! #define PATCHLEVEL 23 + + #endif /* _PATCHLEVEL_H_ */ +--- 26,30 ---- + looks for to find the patch level (for the sccs version string). */ + +! #define PATCHLEVEL 24 + + #endif /* _PATCHLEVEL_H_ */ -- cgit v1.2.3