diff options
author | Jay Freeman <saurik@saurik.com> | 2014-09-26 10:03:21 +0000 |
---|---|---|
committer | Jay Freeman <saurik@saurik.com> | 2014-09-26 10:03:21 +0000 |
commit | d513c95110fbec3a9c1f6bb3d56e5ecf0971f058 (patch) | |
tree | 2183c599c8b9648ee8da49512604fe296c066c31 /data/bash/bash40-038 | |
parent | eaacbeade6c101df568afad2308bae83ebd56359 (diff) |
Fix the shellshock vulnerability (not regression).
git-svn-id: http://svn.telesphoreo.org/trunk@793 514c082c-b64e-11dc-b46d-3d985efe055d
Diffstat (limited to 'data/bash/bash40-038')
-rw-r--r-- | data/bash/bash40-038 | 56 |
1 files changed, 56 insertions, 0 deletions
diff --git a/data/bash/bash40-038 b/data/bash/bash40-038 new file mode 100644 index 000000000..80505cc34 --- /dev/null +++ b/data/bash/bash40-038 @@ -0,0 +1,56 @@ + BASH PATCH REPORT + ================= + +Bash-Release: 4.0 +Patch-ID: bash40-038 + +Bug-Reported-by: werner@suse.de +Bug-Reference-ID: <201002251238.o1PCcYcg016893@boole.suse.de> +Bug-Reference-URL: http://lists.gnu.org/archive/html/bug-bash/2010-02/msg00132.html + +Bug-Description: + +When the `read' builtin times out after the timeout specified with -t is +exceeded, it does not reset the flags that tell signal handlers to process +signals immediately instead of deferring their handling. This can result +in unsafe functions being called from signal handlers, which can cause bash +to hang or dump core. + +Patch (apply with `patch -p0'): + +*** ../bash-4.0-patched/builtins/read.def 2009-09-03 14:40:03.000000000 -0400 +--- builtins/read.def 2010-03-17 17:35:39.000000000 -0400 +*************** +*** 602,607 **** + zsyncfd (fd); + +- interrupt_immediately--; +- terminate_immediately--; + discard_unwind_frame ("read_builtin"); + +--- 616,619 ---- +*************** +*** 610,613 **** +--- 622,628 ---- + assign_vars: + ++ interrupt_immediately--; ++ terminate_immediately--; ++ + #if defined (ARRAY_VARS) + /* If -a was given, take the string read, break it into a list of words, +*** ../bash-4.0/patchlevel.h 2009-01-04 14:32:40.000000000 -0500 +--- patchlevel.h 2009-02-22 16:11:31.000000000 -0500 +*************** +*** 26,30 **** + looks for to find the patch level (for the sccs version string). */ + +! #define PATCHLEVEL 37 + + #endif /* _PATCHLEVEL_H_ */ +--- 26,30 ---- + looks for to find the patch level (for the sccs version string). */ + +! #define PATCHLEVEL 38 + + #endif /* _PATCHLEVEL_H_ */ |