lp:ubuntu/precise-security/bash

Created by Ubuntu Package Importer on 2014-09-24 and last modified on 2014-10-07
Get this branch:
bzr branch lp:ubuntu/precise-security/bash
Members of Ubuntu branches can upload to this branch. Log in for directions.

Branch merges

Related bugs

Related blueprints

Branch information

Owner:
Ubuntu branches
Review team:
Ubuntu Development Team
Status:
Mature

Recent revisions

65. By Marc Deslauriers on 2014-10-07

* SECURITY UPDATE: incorrect function definition parsing with
  here-document delimited by end-of-file
  - debian/patches/CVE-2014-6277.diff: properly handle closing delimiter
    in bash/copy_cmd.c, bash/make_cmd.c.
  - CVE-2014-6277
* SECURITY UPDATE: incorrect function definition parsing via nested
  command substitutions
  - debian/patches/CVE-2014-6278.diff: properly handle certain parsing
    attempts in bash/builtins/evalstring.c, bash/parse.y, bash/shell.h.
  - CVE-2014-6278
* Updated patches with official upstream versions:
  - debian/patches/CVE-2014-6271.diff
  - debian/patches/CVE-2014-7169.diff
  - debian/patches/variables-affix.diff
  - debian/patches/CVE-2014-718x.diff

64. By Marc Deslauriers on 2014-09-26

* SECURITY UPDATE: out-of-bounds memory access
  - debian/patches/CVE-2014-718x.diff: guard against overflow and fix
    off-by-one in bash/parse.y.
  - CVE-2014-7186
  - CVE-2014-7187
* SECURITY IMPROVEMENT: use prefixes and suffixes for function exports
  - debian/patches/variables-affix.diff: add prefixes and suffixes in
    bash/variables.c.

63. By Marc Deslauriers on 2014-09-25

* SECURITY UPDATE: incomplete fix for CVE-2014-6271
  - debian/patches/CVE-2014-7169.diff: fix logic in bash/parse.y.
  - CVE-2014-7169

62. By Marc Deslauriers on 2014-09-22

* SECURITY UPDATE: incorrect function parsing
  - debian/patches/CVE-2014-6271.diff: fix function parsing in
    bash/builtins/common.h, bash/builtins/evalstring.c, bash/variables.c.
  - CVE-2014-6271

61. By Matthias Klose on 2012-04-03

Really apply upstream patches 021 - 024.

60. By Matthias Klose on 2012-04-02

Merge with Debian; remaining changes:

59. By Steve Langasek on 2012-03-30

releasing version 4.2-1ubuntu3

58. By Steve Langasek on 2012-03-30

When cross-building, use the cross-strip, not the host strip.

57. By Steve Langasek on 2012-03-30

releasing version 4.2-1ubuntu2

56. By Steve Langasek on 2012-03-30

run update-maintainer

Branch metadata

Branch format:
Branch format 7
Repository format:
Bazaar repository format 2a (needs bzr 1.16 or later)
Stacked on:
lp:ubuntu/utopic/bash
This branch contains Public information 
Everyone can see this information.

Subscribers