From 2ca36d48b37a24ef1fe75fc9cebc844b7e161e440511321698bb310fde1f1130 Mon Sep 17 00:00:00 2001 From: "Dr. Werner Fink" Date: Fri, 27 Jan 2017 17:54:19 +0000 Subject: [PATCH] Update from patch 006 upto 012 OBS-URL: https://build.opensuse.org/package/show/Base:System/bash?expand=0&rev=231 --- bash-4.3-2.4.4.patch | 14 +++++++------- bash-4.3-sigrestart.patch | 4 ++-- bash-4.4-patches.tar.bz2 | 4 ++-- bash.changes | 36 ++++++++++++++++++++++++++++++++++++ bash.spec | 3 --- popd-offset-overflow.patch | 27 --------------------------- readline-7.0-patches.tar.bz2 | 4 ++-- 7 files changed, 49 insertions(+), 43 deletions(-) delete mode 100644 popd-offset-overflow.patch diff --git a/bash-4.3-2.4.4.patch b/bash-4.3-2.4.4.patch index 9881786..417e863 100644 --- a/bash-4.3-2.4.4.patch +++ b/bash-4.3-2.4.4.patch @@ -8,7 +8,7 @@ 6 files changed, 17 insertions(+), 7 deletions(-) --- array.c -+++ array.c 2016-09-16 10:37:12.179427118 +0000 ++++ array.c 2017-01-27 17:45:42.364066849 +0000 @@ -946,7 +946,7 @@ char *s, *sep; * To make a running version, compile -DTEST_ARRAY and link with: * xmalloc.o syntax.o lib/malloc/libmalloc.a lib/sh/libsh.a @@ -19,7 +19,7 @@ int signal_is_trapped(s) --- examples/loadables/tee.c -+++ examples/loadables/tee.c 2016-09-16 10:37:12.179427118 +0000 ++++ examples/loadables/tee.c 2017-01-27 17:45:42.364066849 +0000 @@ -35,6 +35,7 @@ #include "bashansi.h" @@ -38,7 +38,7 @@ extern char *strerror (); --- hashlib.c -+++ hashlib.c 2016-09-16 10:37:12.179427118 +0000 ++++ hashlib.c 2017-01-27 17:45:42.364066849 +0000 @@ -382,7 +382,7 @@ hash_pstats (table, name) HASH_TABLE *table, *ntable; @@ -49,8 +49,8 @@ int signal_is_trapped (s) --- jobs.c -+++ jobs.c 2016-09-16 10:37:12.183427043 +0000 -@@ -1947,6 +1947,15 @@ make_child (command, async_p) ++++ jobs.c 2017-01-27 17:45:42.364066849 +0000 +@@ -1962,6 +1962,15 @@ make_child (command, async_p) pid_t mypid; mypid = getpid (); @@ -67,7 +67,7 @@ /* Close default_buffered_input if it's > 0. We don't close it if it's 0 because that's the file descriptor used when redirecting input, --- sig.c -+++ sig.c 2016-09-16 10:37:12.183427043 +0000 ++++ sig.c 2017-01-27 17:45:42.364066849 +0000 @@ -98,10 +98,10 @@ sigset_t top_level_mask; #endif /* JOB_CONTROL */ @@ -82,7 +82,7 @@ #if defined (SIGWINCH) static SigHandler *old_winch = (SigHandler *)SIG_DFL; --- sig.h -+++ sig.h 2016-09-16 10:37:12.183427043 +0000 ++++ sig.h 2017-01-27 17:45:42.364066849 +0000 @@ -109,8 +109,8 @@ do { \ extern volatile sig_atomic_t sigwinch_received; extern volatile sig_atomic_t sigterm_received; diff --git a/bash-4.3-sigrestart.patch b/bash-4.3-sigrestart.patch index 3bab15b..48c840d 100644 --- a/bash-4.3-sigrestart.patch +++ b/bash-4.3-sigrestart.patch @@ -3,8 +3,8 @@ 1 file changed, 6 insertions(+) --- sig.c -+++ sig.c 2016-09-14 08:54:54.158863424 +0000 -@@ -738,10 +738,16 @@ set_signal_handler (sig, handler) ++++ sig.c 2017-01-27 17:46:46.602829901 +0000 +@@ -739,10 +739,16 @@ set_signal_handler (sig, handler) if (sig == SIGCHLD) act.sa_flags |= SA_RESTART; /* XXX */ #endif diff --git a/bash-4.4-patches.tar.bz2 b/bash-4.4-patches.tar.bz2 index 6c97ac6..2156845 100644 --- a/bash-4.4-patches.tar.bz2 +++ b/bash-4.4-patches.tar.bz2 @@ -1,3 +1,3 @@ version https://git-lfs.github.com/spec/v1 -oid sha256:14dccf11ec530ff79696ddf8648b9d9e56c924804c8ec73eba78ca9c3581b5c0 -size 3408 +oid sha256:4c8f6d1c5c94802053b08c015b4059446a9366378c329902a0eaf9ab4846f730 +size 8213 diff --git a/bash.changes b/bash.changes index ffc3f14..7713e51 100644 --- a/bash.changes +++ b/bash.changes @@ -1,3 +1,39 @@ +------------------------------------------------------------------- +Fri Jan 27 17:31:59 UTC 2017 - werner@suse.de + +- Add upstream patch bash44-006 + Out-of-range negative offsets to popd can cause the shell to crash + attempting to free an invalid memory block. +- Remove patch popd-offset-overflow.patch to use bash44-006 +- Add upstream patch bash44-007 + When performing filename completion, bash dequotes the directory + name being completed, which can result in match failures and + potential unwanted expansion. +- Duplicate bash44-007 as readline70-002 as it seems to be missed +- Add upstream patch bash44-008 + Under certain circumstances, bash will evaluate arithmetic + expressions as part of reading an expression token even when + evaluation is suppressed. This happens while evaluating a + conditional expression and skipping over the failed branch of the + expression. +- Add upstream patch bash44-009 + There is a race condition in add_history() that can be triggered + by a fatal signal arriving between the time the history length + is updated and the time the history list update is completed. + A later attempt to reference an invalid history entry can cause + a crash. +- Add upstream patch bash44-010 + Depending on compiler optimizations and behavior, the `read' + builtin may not save partial input when a timeout occurs. +- Add upstream patch bash44-011 + Subshells begun to run command and process substitutions may + attempt to set the terminal's process group to an incorrect + value if they receive a fatal signal. This depends on the + behavior of the process that starts the shell. +- Add upstream patch bash44-012 + When -N is used, the input is not supposed to be split using + $IFS, but leading and trailing IFS whitespace was still removed. + ------------------------------------------------------------------- Thu Jan 19 12:20:06 UTC 2017 - werner@suse.de diff --git a/bash.spec b/bash.spec index 149a309..8307d56 100644 --- a/bash.spec +++ b/bash.spec @@ -92,8 +92,6 @@ Patch27: readline-6.2-xmalloc.dif Patch30: readline-6.3-destdir.patch Patch31: readline-6.3-rltrace.patch Patch40: bash-4.1-bash.bashrc.dif -# PATCH-FIX-UPSTREAM boo#1010845 -- CVE-2016-9401: bash: popd controlled free (Segmentation fault) -Patch41: popd-offset-overflow.patch Patch46: man2html-no-timestamp.patch Patch47: bash-4.3-perl522.patch # PATCH-FIX-SUSE @@ -302,7 +300,6 @@ done #%patch25 -p0 -b .endpw %patch31 -p0 -b .tmp %patch40 -p0 -b .bashrc -%patch41 -p0 -b .popd %patch46 -p0 -b .notimestamp %patch47 -p0 -b .perl522 %if %{with import_function} diff --git a/popd-offset-overflow.patch b/popd-offset-overflow.patch deleted file mode 100644 index 4e2bb81..0000000 --- a/popd-offset-overflow.patch +++ /dev/null @@ -1,27 +0,0 @@ -*** ../bash-4.4-patched/builtins/pushd.def 2016-01-25 13:31:49.000000000 -0500 ---- builtins/pushd.def 2016-10-28 10:46:49.000000000 -0400 -*************** -*** 366,370 **** - } - -! if (which > directory_list_offset || (directory_list_offset == 0 && which == 0)) - { - pushd_error (directory_list_offset, which_word ? which_word : ""); ---- 366,370 ---- - } - -! if (which > directory_list_offset || (which < -directory_list_offset) || (directory_list_offset == 0 && which == 0)) - { - pushd_error (directory_list_offset, which_word ? which_word : ""); -*************** -*** 388,391 **** ---- 388,396 ---- - of the list into place. */ - i = (direction == '+') ? directory_list_offset - which : which; -+ if (i < 0 || i > directory_list_offset) -+ { -+ pushd_error (directory_list_offset, which_word ? which_word : ""); -+ return (EXECUTION_FAILURE); -+ } - free (pushd_directory_list[i]); - directory_list_offset--; diff --git a/readline-7.0-patches.tar.bz2 b/readline-7.0-patches.tar.bz2 index f6f89f1..773d4e4 100644 --- a/readline-7.0-patches.tar.bz2 +++ b/readline-7.0-patches.tar.bz2 @@ -1,3 +1,3 @@ version https://git-lfs.github.com/spec/v1 -oid sha256:19d888f6cab86092262544ddc1f999dd00d2c5c9c6947045300ed57a61e6f81d -size 1128 +oid sha256:7a5a7db9aa69394d33787760be74bea581a3ecf1116c5e3f1e7d925ed5da4b57 +size 1789