Updated bash to patch 50.
This fully mitigates Shellshock and related parsing vulnerabilities, due to attackers never controlling environment variable names.
This commit is contained in:
parent
7f043ffbbe
commit
21c12b4065
@ -49,4 +49,6 @@ patch: [
|
||||
(patch "046" "0vc1ngkxkamwr022ww3vjp9ww9c647az4pjn175c1v60d0xk5hcm")
|
||||
(patch "047" "0ymgimqz65sx2izg1dvm1h5cc01arl3j9j5137212l1ls00r55y1")
|
||||
(patch "048" "091xk1ms7ycnczsl3fx461gjhj69j6ycnfijlymwj6mj60ims6km")
|
||||
(patch "049" "03jipi8qz5baf1dyhld7yvazkkad7lz5czchrjsrnglzvm6df74h")
|
||||
(patch "050" "19lb9nh0x5siwf21xkga3khy5pa3srfrlx97mby4cfz8am2bh68s")
|
||||
]
|
||||
|
@ -1,13 +0,0 @@
|
||||
http://www.openwall.com/lists/oss-security/2014/09/25/10
|
||||
|
||||
*** ../bash-20140912/parse.y 2014-08-26 15:09:42.000000000 -0400
|
||||
--- parse.y 2014-09-24 22:47:28.000000000 -0400
|
||||
***************
|
||||
*** 2959,2962 ****
|
||||
--- 2959,2964 ----
|
||||
word_desc_to_read = (WORD_DESC *)NULL;
|
||||
|
||||
+ eol_ungetc_lookahead = 0;
|
||||
+
|
||||
current_token = '\n'; /* XXX */
|
||||
last_read_token = '\n';
|
@ -34,7 +34,7 @@ stdenv.mkDerivation rec {
|
||||
inherit sha256;
|
||||
};
|
||||
in
|
||||
import ./bash-4.2-patches.nix patch) ++ [ ./cve-2014-7169.patch ];
|
||||
import ./bash-4.2-patches.nix patch);
|
||||
|
||||
crossAttrs = {
|
||||
configureFlags = baseConfigureFlags +
|
||||
|
Loading…
Reference in New Issue
Block a user