Last change
on this file since 2619 was
2619,
checked in by andersk, 10 years ago
|
bash: Disable function imports
The upstream fix for CVE-2014-6271 isn’t good enough. Furthermore,
even if they were completely fixed to operate as intended, they are
still a bad idea to begin with. Disable this feature entirely.
|
File size:
900 bytes
|
Rev | Line | |
---|
[2619] | 1 | --- bash.spec.old 2014-07-21 07:48:05.000000000 -0400 |
---|
| 2 | +++ bash.spec 2014-09-24 20:59:58.416349649 -0400 |
---|
| 3 | @@ -7,7 +7,8 @@ |
---|
| 4 | Version: %{baseversion}%{patchleveltag} |
---|
| 5 | Name: bash |
---|
| 6 | Summary: The GNU Bourne Again shell |
---|
| 7 | -Release: 3%{?dist} |
---|
| 8 | +Release: 3%{?dist}.scripts.%{scriptsversion} |
---|
| 9 | +Provides: scripts-bash |
---|
| 10 | Group: System Environment/Shells |
---|
| 11 | License: GPLv3+ |
---|
| 12 | Url: http://www.gnu.org/software/bash |
---|
| 13 | @@ -124,6 +125,9 @@ |
---|
| 14 | # 1112710 - mention ulimit -c and -f POSIX block size |
---|
| 15 | Patch128: bash-4.2-man-ulimit.patch |
---|
| 16 | |
---|
| 17 | +# Disable function imports |
---|
| 18 | +Patch9000: bash-4.2-disable-function-imports.patch |
---|
| 19 | + |
---|
| 20 | BuildRequires: texinfo bison |
---|
| 21 | BuildRequires: ncurses-devel |
---|
| 22 | BuildRequires: autoconf, gettext |
---|
| 23 | @@ -226,6 +230,7 @@ |
---|
| 24 | %patch125 -p1 -b .size_type |
---|
| 25 | %patch126 -p1 -b .missing_closes |
---|
| 26 | %patch128 -p1 -b .ulimit |
---|
| 27 | +%patch9000 -p1 -b .disable_function_imports |
---|
| 28 | |
---|
| 29 | echo %{version} > _distribution |
---|
| 30 | echo %{release} > _patchlevel |
---|
Note: See
TracBrowser
for help on using the repository browser.