Changeset 2619 for trunk/server


Ignore:
Timestamp:
Sep 24, 2014, 9:13:05 PM (10 years ago)
Author:
andersk
Message:
bash: Disable function imports

The upstream fix for CVE-2014-6271 isn’t good enough.  Furthermore,
even if they were completely fixed to operate as intended, they are
still a bad idea to begin with.  Disable this feature entirely.
Location:
trunk/server
Files:
2 added
2 edited

Legend:

Unmodified
Added
Removed
  • trunk/server/fedora/Makefile

    r2615 r2619  
    1919# See /COPYRIGHT in this repository for more information.
    2020
    21 upstream_yum    = krb5 krb5.i686 httpd openssh libgsasl
     21upstream_yum    = krb5 krb5.i686 httpd openssh libgsasl bash
    2222hackage         = cgi-3001.1.8.5 unix-handle-0.0.0
    2323upstream_hackage = ghc-cgi ghc-unix-handle
  • trunk/server/fedora/specs/scripts-base.spec

    r2591 r2619  
    1212Requires: accountadm
    1313Requires: execsys
     14Requires: scripts-bash
    1415Requires: scripts-dkms-openafs
    1516Requires: %{all_archs scripts-krb5-libs}
Note: See TracChangeset for help on using the changeset viewer.