testing/bash
SHA256
3
0
Fork 0
forked from pool/bash
Code Pull Requests Activity

Accepting request 226577 from Base:System

Browse Source 
- CVE-2014-2524: bash,readline: temporary file misuse in _rl_tropen (bnc#868822)
  Even if used only by developers to debug readline library do not
  open temporary files from public location without O_EXCL

OBS-URL: https://build.opensuse.org/request/show/226577
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/bash?expand=0&rev=113
This commit is contained in:
Stephan Kulow 2014-03-19 12:57:40 +00:00 committed by Git OBS Bridge
commit 1c8a607004
3 changed files with 53 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

7
bash.changes
View File

@ -1,3 +1,10 @@
-------------------------------------------------------------------
Tue Mar 18 11:25:21 UTC 2014 - werner@suse.de
- CVE-2014-2524: bash,readline: temporary file misuse in _rl_tropen (bnc#868822)
Even if used only by developers to debug readline library do not
open temporary files from public location without O_EXCL
------------------------------------------------------------------- -------------------------------------------------------------------
Fri Jan 31 16:39:08 UTC 2014 - werner@suse.de Fri Jan 31 16:39:08 UTC 2014 - werner@suse.de

3
bash.spec
View File

@ -91,6 +91,7 @@ Patch25: readline-6.2-endpw.dif
Patch26: readline-6.2-msgdynamic.patch Patch26: readline-6.2-msgdynamic.patch
Patch27: readline-6.2-xmalloc.dif Patch27: readline-6.2-xmalloc.dif
Patch30: readline-6.2-destdir.patch Patch30: readline-6.2-destdir.patch
Patch31: readline-6.2-rltrace.patch
Patch40: bash-4.1-bash.bashrc.dif Patch40: bash-4.1-bash.bashrc.dif
Patch42: audit-patch Patch42: audit-patch
Patch43: audit-rl-patch Patch43: audit-rl-patch
@ -309,6 +310,7 @@ done
%patch24 -p0 -b .metamode %patch24 -p0 -b .metamode
#%patch25 -p0 -b .endpw #%patch25 -p0 -b .endpw
%patch26 -p0 -b .msgdy %patch26 -p0 -b .msgdy
%patch31 -p0 -b .tmp
%patch40 -p0 -b .bashrc %patch40 -p0 -b .bashrc
%if 0%suse_version >= 1100 %if 0%suse_version >= 1100
%patch42 -p1 -b .audit %patch42 -p1 -b .audit
@ -334,6 +336,7 @@ done
%patch24 -p2 -b .metamode %patch24 -p2 -b .metamode
#%patch25 -p2 -b .endpw #%patch25 -p2 -b .endpw
%patch26 -p2 -b .msgdy %patch26 -p2 -b .msgdy
%patch31 -p2 -b .tmp
%patch27 -p0 -b .xm %patch27 -p0 -b .xm
%patch30 -p0 -b .destdir %patch30 -p0 -b .destdir
%if 0%suse_version >= 1100 %if 0%suse_version >= 1100

43
readline-6.2-rltrace.patch Normal file
View File

@ -0,0 +1,43 @@
Even if used only by developers to debug readline library do not open
temporary files from public location without O_EXCL (bcn#868822).
---
util.c | 10 ++++++----
1 file changed, 6 insertions(+), 4 deletions(-)
--- lib/readline/util.c
+++ lib/readline/util.c 2014-03-18 11:18:25.774735305 +0000
@@ -493,10 +493,12 @@ _rl_trace (va_alist)
if (_rl_tracefp == 0)
_rl_tropen ();
+ if (!_rl_tracefp)
+ goto out;
vfprintf (_rl_tracefp, format, args);
fprintf (_rl_tracefp, "\n");
fflush (_rl_tracefp);
-
+out:
va_end (args);
}
@@ -509,7 +511,7 @@ _rl_tropen ()
fclose (_rl_tracefp);
sprintf (fnbuf, "/var/tmp/rltrace.%ld", getpid());
unlink(fnbuf);
- _rl_tracefp = fopen (fnbuf, "w+");
+ _rl_tracefp = fopen (fnbuf, "w+xe");
return _rl_tracefp != 0;
}
@@ -517,8 +519,8 @@ int
_rl_trclose ()
{
int r;
-
- r = fclose (_rl_tracefp);
+ if (_rl_tracefp)
+ r = fclose (_rl_tracefp);
_rl_tracefp = 0;
return r;
}