From 94c4c2234b6b5766c2a85ef722f72d69de92956e Mon Sep 17 00:00:00 2001 From: "Dr. Werner Fink" Date: Mon, 6 Oct 2014 08:23:18 +0000 Subject: [PATCH] . OBS-URL: https://build.opensuse.org/package/show/Base:System/bash?expand=0&rev=182 --- bash-4.2-CVE-2014-7187.patch | 85 ------------------------------------ bash-4.2-patches.tar.bz2 | 4 +- bash.changes | 22 ++++++++++ bash.spec | 3 -- 4 files changed, 24 insertions(+), 90 deletions(-) delete mode 100644 bash-4.2-CVE-2014-7187.patch
diff --git a/bash-4.2-CVE-2014-7187.patch b/bash-4.2-CVE-2014-7187.patch
deleted file mode 100644
index ca413d22..00000000
--- a/bash-4.2-CVE-2014-7187.patch
+++ /dev/null
@@ -1,85 +0,0 @@
---- ../bash-4.2-orig/parse.y 2014-09-25 13:07:59.218209276 +0200
-+++ parse.y 2014-09-25 15:26:52.813159810 +0200
-@@ -264,9 +264,21 @@
-
- /* Variables to manage the task of reading here documents, because we need to
- defer the reading until after a complete command has been collected. */
--static REDIRECT *redir_stack[10];
-+static REDIRECT **redir_stack;
- int need_here_doc;
-
-+/* Pushes REDIR onto redir_stack, resizing it as needed. */
-+static void
-+push_redir_stack (REDIRECT *redir)
-+{
-+ /* Guard against oveflow. */
-+ if (need_here_doc + 1 > INT_MAX / sizeof (*redir_stack))
-+ abort ();
-+ redir_stack = xrealloc (redir_stack,
-+ (need_here_doc + 1) * sizeof (*redir_stack));
-+ redir_stack[need_here_doc++] = redir;
-+}
-+
- /* Where shell input comes from. History expansion is performed on each
- line when the shell is interactive. */
- static char *shell_input_line = (char *)NULL;
-@@ -519,42 +531,42 @@
- source.dest = 0;
- redir.filename = $2;
- $$ = make_redirection (source, r_reading_until, redir, 0);
-- redir_stack[need_here_doc++] = $$;
-+ push_redir_stack ($$);
- }
- | NUMBER LESS_LESS WORD
- {
- source.dest = $1;
- redir.filename = $3;
- $$ = make_redirection (source, r_reading_until, redir, 0);
-- redir_stack[need_here_doc++] = $$;
-+ push_redir_stack ($$);
- }
- | REDIR_WORD LESS_LESS WORD
- {
- source.filename = $1;
- redir.filename = $3;
- $$ = make_redirection (source, r_reading_until, redir, REDIR_VARASSIGN);
-- redir_stack[need_here_doc++] = $$;
-+ push_redir_stack ($$);
- }
- | LESS_LESS_MINUS WORD
- {
- source.dest = 0;
- redir.filename = $2;
- $$ = make_redirection (source, r_deblank_reading_until, redir, 0);
-- redir_stack[need_here_doc++] = $$;
-+ push_redir_stack ($$);
- }
- | NUMBER LESS_LESS_MINUS WORD
- {
- source.dest = $1;
- redir.filename = $3;
- $$ = make_redirection (source, r_deblank_reading_until, redir, 0);
-- redir_stack[need_here_doc++] = $$;
-+ push_redir_stack ($$);
- }
- | REDIR_WORD LESS_LESS_MINUS WORD
- {
- source.filename = $1;
- redir.filename = $3;
- $$ = make_redirection (source, r_deblank_reading_until, redir, REDIR_VARASSIGN);
-- redir_stack[need_here_doc++] = $$;
-+ push_redir_stack ($$);
- }
- | LESS_LESS_LESS WORD
- {
-@@ -4757,7 +4769,7 @@
- case CASE:
- case SELECT:
- case FOR:
-- if (word_top < MAX_CASE_NEST)
-+ if (word_top + 1 < MAX_CASE_NEST)
- word_top++;
- word_lineno[word_top] = line_number;
- break;
-
-
diff --git a/bash-4.2-patches.tar.bz2 b/bash-4.2-patches.tar.bz2
index 666488f7..f2c66a06 100644
--- a/bash-4.2-patches.tar.bz2
+++ b/bash-4.2-patches.tar.bz2
@@ -1,3 +1,3 @@
 version https://git-lfs.github.com/spec/v1
-oid sha256:b20d686fcaf734b53799990a1c3c734094753a08ef4b3184f76ffe8789ae4236
-size 30957
+oid sha256:951cdc3d800ad2d4ef928250ffeeae7bd6b4c40993c9063c339cfeac45dc30fc
+size 32638
diff --git a/bash.changes b/bash.changes
index 05eff7b6..897ea24a 100644
--- a/bash.changes
+++ b/bash.changes
@@ -1,3 +1,25 @@
+-------------------------------------------------------------------
+Mon Oct 6 08:07:48 UTC 2014 - werner@suse.de
+
+- Replace patches bash-4.2-heredoc-eof-delim.patch and
+ bash-4.2-parse-exportfunc.patch with the official upstream
+ patch levels bash42-052 and bash42-053
+
+-------------------------------------------------------------------
+Thu Oct 2 13:11:50 UTC 2014 - werner@suse.de
+
+- Replace patch bash-4.2-CVE-2014-7187.patch with upstream patch
+ level bash42-051
+
+-------------------------------------------------------------------
+Wed Oct 1 12:12:55 UTC 2014 - werner@suse.de
+
+- Add patches
+ bash-4.2-heredoc-eof-delim.patch for bsc#898812, CVE-2014-6277:
+ more troubles with functions
+ bash-4.2-parse-exportfunc.patch for bsc#898884, CVE-2014-6278:
+ code execution after original 6271 fix
+
 -------------------------------------------------------------------
 Tue Sep 30 13:49:12 UTC 2014 - werner@suse.de
diff --git a/bash.spec b/bash.spec
index e10fce2a..86223169 100644
--- a/bash.spec
+++ b/bash.spec
@@ -103,8 +103,6 @@ Patch46: man2html-no-timestamp.patch
 Patch47: config-guess-sub-update.patch
 # PATCH-FIX-SUSE CVE-2014-6271
 Patch48: bash-4.2-extra-import-func.patch
-# PATCH-FIX-SUSE CVE-2014-7187
-Patch51: bash-4.2-CVE-2014-7187.patch
 BuildRoot: %{_tmppath}/%{name}-%{version}-build
 %global _sysconfdir /etc
 %global _incdir %{_includedir}
@@ -329,7 +327,6 @@ done
 %if %{with import_function}
 %patch48 -p0
 %endif
-%patch51 -p0
 %patch0 -p0 -b .0
 pushd ../readline-%{rl_vers}%{extend}
 for patch in ../readline-%{rl_vers}-patches/*; do