svn commit: r369261 - in head/shells/bash: . files
Bryan Drewery
bdrewery at FreeBSD.org
Thu Sep 25 15:38:58 UTC 2014
Author: bdrewery
Date: Thu Sep 25 15:38:56 2014
New Revision: 369261
URL: http://svnweb.freebsd.org/changeset/ports/369261
QAT: https://qat.redports.org/buildarchive/r369261/
Log:
Fix CVE-2014-3659. The original fix in 25 was not enough.
Obtained from: http://seclists.org/oss-sec/2014/q3/690 (bash developer)
Security: CVE-2014-3659
Added:
head/shells/bash/files/patch-parse.y (contents, props changed)
Modified:
head/shells/bash/Makefile
Modified: head/shells/bash/Makefile
==============================================================================
--- head/shells/bash/Makefile Thu Sep 25 15:18:27 2014 (r369260)
+++ head/shells/bash/Makefile Thu Sep 25 15:38:56 2014 (r369261)
@@ -4,7 +4,7 @@
PORTNAME= bash
PATCHLEVEL= 25
PORTVERSION= 4.3.${PATCHLEVEL:S/^0//g}
-PORTREVISION?= 0
+PORTREVISION?= 1
CATEGORIES= shells
MASTER_SITES= GNU
MASTER_SITE_SUBDIR= ${PORTNAME}
@@ -64,6 +64,9 @@ CONFLICTS+= bash-static-[0-9]*
.endif
post-patch:
+# Ensure y.tab.c is regenerated
+ ${TOUCH} ${WRKSRC}/parse.y
+ ${RM} ${WRKSRC}/y.tab.c
@${REINPLACE_CMD} -e "s|%%PREFIX%%|${PREFIX}|g" ${WRKSRC}/doc/bash.1
.if ${PORT_OPTIONS:MSYSLOG}
@${REINPLACE_CMD} \
Added: head/shells/bash/files/patch-parse.y
==============================================================================
--- /dev/null 00:00:00 1970 (empty, because file is newly added)
+++ head/shells/bash/files/patch-parse.y Thu Sep 25 15:38:56 2014 (r369261)
@@ -0,0 +1,13 @@
+http://seclists.org/oss-sec/2014/q3/690
+
+*** ../bash-20140912/parse.y 2014-08-26 15:09:42.000000000 -0400
+--- parse.y 2014-09-24 22:47:28.000000000 -0400
+***************
+*** 2959,2962 ****
+--- 2959,2964 ----
+ word_desc_to_read = (WORD_DESC *)NULL;
+
++ eol_ungetc_lookahead = 0;
++
+ current_token = '\n'; /* XXX */
+ last_read_token = '\n';
More information about the svn-ports-all
mailing list