Change-Id: I98c509366a0efaaacc52489d7838766d124d100b
Reviewed-on: http://photon-jenkins.eng.vmware.com:8082/3937
Tested-by: gerrit-photon <photon-checkins@vmware.com>
Reviewed-by: Sharath George
1 | 1 |
new file mode 100644 |
... | ... |
@@ -0,0 +1,114 @@ |
0 |
+From 4f747edc625815f449048579f6e65869914dd715 Mon Sep 17 00:00:00 2001 |
|
1 |
+From: Chet Ramey <chet.ramey@case.edu> |
|
2 |
+Date: Fri, 20 Jan 2017 11:47:55 -0500 |
|
3 |
+Subject: Bash-4.4 patch 7 |
|
4 |
+ |
|
5 |
+--- |
|
6 |
+ bashline.c | 22 ++++++++++++---------- |
|
7 |
+ patchlevel.h | 2 +- |
|
8 |
+ subst.c | 4 ++++ |
|
9 |
+ 3 files changed, 17 insertions(+), 11 deletions(-) |
|
10 |
+ |
|
11 |
+diff --git a/bashline.c b/bashline.c |
|
12 |
+index f4fe9f1..0275844 100644 |
|
13 |
+--- a/bashline.c |
|
14 |
+@@ -142,7 +142,7 @@ static int executable_completion __P((const char *, int)); |
|
15 |
+ static rl_icppfunc_t *save_directory_hook __P((void)); |
|
16 |
+ static void restore_directory_hook __P((rl_icppfunc_t)); |
|
17 |
+ |
|
18 |
+-static int directory_exists __P((const char *)); |
|
19 |
++static int directory_exists __P((const char *, int)); |
|
20 |
+ |
|
21 |
+ static void cleanup_expansion_error __P((void)); |
|
22 |
+ static void maybe_make_readline_line __P((char *)); |
|
23 |
+@@ -3102,18 +3102,20 @@ restore_directory_hook (hookf) |
|
24 |
+ rl_directory_rewrite_hook = hookf; |
|
25 |
+ } |
|
26 |
+ |
|
27 |
+-/* Check whether not the (dequoted) version of DIRNAME, with any trailing slash |
|
28 |
+- removed, exists. */ |
|
29 |
++/* Check whether not DIRNAME, with any trailing slash removed, exists. If |
|
30 |
++ SHOULD_DEQUOTE is non-zero, we dequote the directory name first. */ |
|
31 |
+ static int |
|
32 |
+-directory_exists (dirname) |
|
33 |
++directory_exists (dirname, should_dequote) |
|
34 |
+ const char *dirname; |
|
35 |
++ int should_dequote; |
|
36 |
+ { |
|
37 |
+ char *new_dirname; |
|
38 |
+ int dirlen, r; |
|
39 |
+ struct stat sb; |
|
40 |
+ |
|
41 |
+- /* First, dequote the directory name */ |
|
42 |
+- new_dirname = bash_dequote_filename ((char *)dirname, rl_completion_quote_character); |
|
43 |
++ /* We save the string and chop the trailing slash because stat/lstat behave |
|
44 |
++ inconsistently if one is present. */ |
|
45 |
++ new_dirname = should_dequote ? bash_dequote_filename ((char *)dirname, rl_completion_quote_character) : savestring (dirname); |
|
46 |
+ dirlen = STRLEN (new_dirname); |
|
47 |
+ if (new_dirname[dirlen - 1] == '/') |
|
48 |
+ new_dirname[dirlen - 1] = '\0'; |
|
49 |
+@@ -3145,7 +3147,7 @@ bash_filename_stat_hook (dirname) |
|
50 |
+ else if (t = mbschr (local_dirname, '`')) /* XXX */ |
|
51 |
+ should_expand_dirname = '`'; |
|
52 |
+ |
|
53 |
+- if (should_expand_dirname && directory_exists (local_dirname)) |
|
54 |
++ if (should_expand_dirname && directory_exists (local_dirname, 0)) |
|
55 |
+ should_expand_dirname = 0; |
|
56 |
+ |
|
57 |
+ if (should_expand_dirname) |
|
58 |
+@@ -3155,7 +3157,7 @@ bash_filename_stat_hook (dirname) |
|
59 |
+ have to worry about restoring this setting. */ |
|
60 |
+ global_nounset = unbound_vars_is_error; |
|
61 |
+ unbound_vars_is_error = 0; |
|
62 |
+- wl = expand_prompt_string (new_dirname, 0, W_NOCOMSUB|W_COMPLETE); /* does the right thing */ |
|
63 |
++ wl = expand_prompt_string (new_dirname, 0, W_NOCOMSUB|W_NOPROCSUB|W_COMPLETE); /* does the right thing */ |
|
64 |
+ unbound_vars_is_error = global_nounset; |
|
65 |
+ if (wl) |
|
66 |
+ { |
|
67 |
+@@ -3244,13 +3246,13 @@ bash_directory_completion_hook (dirname) |
|
68 |
+ should_expand_dirname = '`'; |
|
69 |
+ } |
|
70 |
+ |
|
71 |
+- if (should_expand_dirname && directory_exists (local_dirname)) |
|
72 |
++ if (should_expand_dirname && directory_exists (local_dirname, 1)) |
|
73 |
+ should_expand_dirname = 0; |
|
74 |
+ |
|
75 |
+ if (should_expand_dirname) |
|
76 |
+ { |
|
77 |
+ new_dirname = savestring (local_dirname); |
|
78 |
+- wl = expand_prompt_string (new_dirname, 0, W_NOCOMSUB|W_COMPLETE); /* does the right thing */ |
|
79 |
++ wl = expand_prompt_string (new_dirname, 0, W_NOCOMSUB|W_NOPROCSUB|W_COMPLETE); /* does the right thing */ |
|
80 |
+ if (wl) |
|
81 |
+ { |
|
82 |
+ *dirname = string_list (wl); |
|
83 |
+diff --git a/patchlevel.h b/patchlevel.h |
|
84 |
+index 14bff9f..deb9c5b 100644 |
|
85 |
+--- a/patchlevel.h |
|
86 |
+@@ -25,6 +25,6 @@ |
|
87 |
+ regexp `^#define[ ]*PATCHLEVEL', since that's what support/mkversion.sh |
|
88 |
+ looks for to find the patch level (for the sccs version string). */ |
|
89 |
+ |
|
90 |
+-#define PATCHLEVEL 0 |
|
91 |
++#define PATCHLEVEL 7 |
|
92 |
+ |
|
93 |
+ #endif /* _PATCHLEVEL_H_ */ |
|
94 |
+diff --git a/subst.c b/subst.c |
|
95 |
+index 298187d..027a13e 100644 |
|
96 |
+--- a/subst.c |
|
97 |
+@@ -9458,6 +9458,10 @@ add_twochars: |
|
98 |
+ tword->flags |= word->flags & (W_ASSIGNARG|W_ASSIGNRHS); /* affects $@ */ |
|
99 |
+ if (word->flags & W_COMPLETE) |
|
100 |
+ tword->flags |= W_COMPLETE; /* for command substitutions */ |
|
101 |
++ if (word->flags & W_NOCOMSUB) |
|
102 |
++ tword->flags |= W_NOCOMSUB; |
|
103 |
++ if (word->flags & W_NOPROCSUB) |
|
104 |
++ tword->flags |= W_NOPROCSUB; |
|
105 |
+ |
|
106 |
+ temp = (char *)NULL; |
|
107 |
+ |
|
108 |
+-- |
|
109 |
+cgit v1.0-41-gc330 |
|
110 |
+ |
... | ... |
@@ -1,7 +1,7 @@ |
1 | 1 |
Summary: Bourne-Again SHell |
2 | 2 |
Name: bash |
3 | 3 |
Version: 4.4 |
4 |
-Release: 5%{?dist} |
|
4 |
+Release: 6%{?dist} |
|
5 | 5 |
License: GPLv3 |
6 | 6 |
URL: http://www.gnu.org/software/bash/ |
7 | 7 |
Group: System Environment/Base |
... | ... |
@@ -11,6 +11,7 @@ Source0: http://ftp.gnu.org/gnu/bash/%{name}-%{version}.tar.gz |
11 | 11 |
%define sha1 bash=8de012df1e4f3e91f571c3eb8ec45b43d7c747eb |
12 | 12 |
Source1: bash_completion |
13 | 13 |
Patch0: bash-4.4.patch |
14 |
+Patch1: CVE-2017-5932.patch |
|
14 | 15 |
Provides: /bin/sh |
15 | 16 |
Provides: /bin/bash |
16 | 17 |
BuildRequires: readline |
... | ... |
@@ -38,6 +39,7 @@ These are the additional language files of bash. |
38 | 38 |
%prep |
39 | 39 |
%setup -q |
40 | 40 |
%patch0 -p1 |
41 |
+%patch1 -p1 |
|
41 | 42 |
%build |
42 | 43 |
./configure \ |
43 | 44 |
"CFLAGS=-fPIC" \ |
... | ... |
@@ -312,6 +314,8 @@ fi |
312 | 312 |
%defattr(-,root,root) |
313 | 313 |
|
314 | 314 |
%changelog |
315 |
+* Mon Oct 02 2017 Kumar Kaushik <kaushikk@vmware.com> 4.4-6 |
|
316 |
+- Adding security fix for CVE-2017-5932. |
|
315 | 317 |
* Thu Jun 8 2017 Bo Gan <ganb@vmware.com> 4.4-5 |
316 | 318 |
- Fix dependency again |
317 | 319 |
* Wed Jun 7 2017 Divya Thaluru <dthaluru@vmware.com> 4.4-4 |
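Review bot: `Patch1: CVE-2017-5932.patch` will presumably make the built shell report patch level 7 without this spec showing that upstream patches 1–6 are applied: the file is the whole of upstream "Bash-4.4 patch 7", and its patchlevel.h hunk changes `#define PATCHLEVEL 0` to `#define PATCHLEVEL 7`. That hunk can only apply if the tree is still at level 0 after `%patch0 -p1`, and I cannot tell from this page whether bash-4.4.patch carries the earlier upstream patches. If it does not, version-based vulnerability checks and administrators will read this package as containing fixes it lacks, so either carry patches 1–6 as well or drop the patchlevel.h hunk from the added file. A comment above the new `Patch1` line would help the next person who rebases it, for example `# Upstream Bash-4.4 patch 7 (CVE-2017-5932); also sets PATCHLEVEL to 7`. The added file also still ends with a `cgit` footer, so it is worth confirming that it matches the patch published by the bash maintainers before merging.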