lp:ubuntu/precise-security/bash
- Get this branch:
- bzr branch lp:ubuntu/precise-security/bash
Branch merges
Branch information
Recent revisions
- 65. By Marc Deslauriers
-
* SECURITY UPDATE: incorrect function definition parsing with
here-document delimited by end-of-file
- debian/patches/ CVE-2014- 6277.diff: properly handle closing delimiter
in bash/copy_cmd.c, bash/make_cmd.c.
- CVE-2014-6277
* SECURITY UPDATE: incorrect function definition parsing via nested
command substitutions
- debian/patches/ CVE-2014- 6278.diff: properly handle certain parsing
attempts in bash/builtins/evalstring. c, bash/parse.y, bash/shell.h.
- CVE-2014-6278
* Updated patches with official upstream versions:
- debian/patches/ CVE-2014- 6271.diff
- debian/patches/ CVE-2014- 7169.diff
- debian/patches/ variables- affix.diff
- debian/patches/ CVE-2014- 718x.diff - 64. By Marc Deslauriers
-
* SECURITY UPDATE: out-of-bounds memory access
- debian/patches/ CVE-2014- 718x.diff: guard against overflow and fix
off-by-one in bash/parse.y.
- CVE-2014-7186
- CVE-2014-7187
* SECURITY IMPROVEMENT: use prefixes and suffixes for function exports
- debian/patches/ variables- affix.diff: add prefixes and suffixes in
bash/variables. c. - 63. By Marc Deslauriers
-
* SECURITY UPDATE: incomplete fix for CVE-2014-6271
- debian/patches/ CVE-2014- 7169.diff: fix logic in bash/parse.y.
- CVE-2014-7169 - 62. By Marc Deslauriers
-
* SECURITY UPDATE: incorrect function parsing
- debian/patches/ CVE-2014- 6271.diff: fix function parsing in
bash/builtins/ common. h, bash/builtins/ evalstring. c, bash/variables.c.
- CVE-2014-6271
Branch metadata
- Branch format:
- Branch format 7
- Repository format:
- Bazaar repository format 2a (needs bzr 1.16 or later)
- Stacked on:
- lp:ubuntu/utopic/bash