diff options
author | wiz <wiz@pkgsrc.org> | 2014-10-07 00:16:52 +0000 |
---|---|---|
committer | wiz <wiz@pkgsrc.org> | 2014-10-07 00:16:52 +0000 |
commit | b235acac13aa588b0f751f70d61d23f92c2b6b36 (patch) | |
tree | 47eaa87d483a5fc50d9f86067e1b50b380079ccc /shells/bash | |
parent | 4fb5048b00ced5440ac0c2672aaef9ae70e78d66 (diff) | |
download | pkgsrc-b235acac13aa588b0f751f70d61d23f92c2b6b36.tar.gz |
Another day, another bash patch. Welcome to 4.3.030.
Fixes CVE-2014-6278:
A combination of nested command substitutions and function importing
from the environment can cause bash to execute code appearing in
the environment variable value following the function definition.
Diffstat (limited to 'shells/bash')
-rw-r--r-- | shells/bash/Makefile | 6 | ||||
-rw-r--r-- | shells/bash/distinfo | 5 |
2 files changed, 7 insertions, 4 deletions
diff --git a/shells/bash/Makefile b/shells/bash/Makefile index cf4d230c6b3..2ab85d49d0c 100644 --- a/shells/bash/Makefile +++ b/shells/bash/Makefile @@ -1,7 +1,7 @@ -# $NetBSD: Makefile,v 1.71 2014/10/03 09:46:23 wiz Exp $ +# $NetBSD: Makefile,v 1.72 2014/10/07 00:16:52 wiz Exp $ BASH_VERSION= 4.3 -BASH_PATCHLEVEL= 029 +BASH_PATCHLEVEL= 030 DISTNAME= bash-${BASH_VERSION} PKGNAME= bash-${BASH_VERSION}.${BASH_PATCHLEVEL} @@ -15,7 +15,7 @@ PATCHFILES+= bash43-006 bash43-007 bash43-008 bash43-009 bash43-010 PATCHFILES+= bash43-011 bash43-012 bash43-013 bash43-014 bash43-015 PATCHFILES+= bash43-016 bash43-017 bash43-018 bash43-019 bash43-020 PATCHFILES+= bash43-021 bash43-022 bash43-023 bash43-024 bash43-025 -PATCHFILES+= bash43-026 bash43-027 bash43-028 bash43-029 +PATCHFILES+= bash43-026 bash43-027 bash43-028 bash43-029 bash43-030 MAINTAINER= pkgsrc-users@NetBSD.org HOMEPAGE= http://www.gnu.org/software/bash/bash.html diff --git a/shells/bash/distinfo b/shells/bash/distinfo index 23f65a30e81..24fdb870027 100644 --- a/shells/bash/distinfo +++ b/shells/bash/distinfo @@ -1,4 +1,4 @@ -$NetBSD: distinfo,v 1.37 2014/10/03 09:46:23 wiz Exp $ +$NetBSD: distinfo,v 1.38 2014/10/07 00:16:52 wiz Exp $ SHA1 (bash-4.3.tar.gz) = 45ac3c5727e7262334f4dfadecdf601b39434e84 RMD160 (bash-4.3.tar.gz) = cd21a9f51ea7780994d4e2c9c7d16d5eb000f845 @@ -90,6 +90,9 @@ Size (bash43-028) = 69606 bytes SHA1 (bash43-029) = 883ae5901a45940d04136b0beae491238d50f70b RMD160 (bash43-029) = 1103874024539f44b40e14058e4f7be3ed4b8b0e Size (bash43-029) = 1824 bytes +SHA1 (bash43-030) = ad1e978c051ef58584343ad24f165e614ed2a184 +RMD160 (bash43-030) = 9634eb9f937b10507fb5b750633b0d7ea17c3456 +Size (bash43-030) = 63206 bytes SHA1 (patch-af) = dfd1d1be3d822cfc3ae0fd21bb2bbd3e35b11f0d SHA1 (patch-ag) = 4da0a43f6b890482affff46b18eef4be67770e48 SHA1 (patch-aj) = 8b3c52c2aee9cf53ee5a9ce64ead243d0970305e |