[PATCH 0/2] Add graft for Bash CVE-2017-5932

guix-devel

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[PATCH 0/2] Add graft for Bash CVE-2017-5932

From:	Ludovic Courtès
Subject:	[PATCH 0/2] Add graft for Bash CVE-2017-5932
Date:	Fri, 10 Feb 2017 10:40:56 +0100

Hello!

This patch fixes Bash CVE-2017-5932, which is a remote code execution
vulnerability triggered by file name completion and disclosed on Wednesday:

  
https://github.com/jheyens/bash_completion_vuln/raw/master/2017-01-17.bash_completion_report.pdf
  http://www.openwall.com/lists/oss-security/2017/02/07/9

I'll apply it today if there are no objections.

Thanks in advance,
Ludo'.

Ludovic Courtès (2):
  gnu: bash: Update patch URL to 4.4.
  gnu: bash: Add graft for patch #7 [fixes CVE-2017-5932].

 gnu/packages/bash.scm | 46 ++++++++++++++++++++++++++++++++++++++++++++--
 1 file changed, 44 insertions(+), 2 deletions(-)

-- 
2.11.0

[Prev in Thread]

Current Thread

[Next in Thread]

[PATCH 0/2] Add graft for Bash CVE-2017-5932, Ludovic Courtès <=
- [PATCH 1/2] gnu: bash: Update patch URL to 4.4., Ludovic Courtès, 2017/02/10
- [PATCH 2/2] gnu: bash: Add graft for patch #7 [fixes CVE-2017-5932]., Ludovic Courtès, 2017/02/10
- Re: [PATCH 0/2] Add graft for Bash CVE-2017-5932, Ludovic Courtès, 2017/02/10
- Re: [PATCH 0/2] Add graft for Bash CVE-2017-5932, Leo Famulari, 2017/02/11

Prev by Date: Re: Dealing with environment settings on a non-Guix distribution
Next by Date: [PATCH 1/2] gnu: bash: Update patch URL to 4.4.
Previous by thread: Dealing with environment settings on a non-Guix distribution
Next by thread: [PATCH 1/2] gnu: bash: Update patch URL to 4.4.
Index(es):
- Date
- Thread