ca6bbc3f99
This is a followup patch to incomplete CVE-2014-6271 fix code execution via specially-crafted environment This patch changes the encoding bash uses for exported functions to avoid clashes with shell variables and to avoid depending only on an environment variable's contents to determine whether or not to interpret it as a shell function. (From OE-Core daisy rev: 6c51cc96d03df26d1c10867633e7a10dfbec7c45) (From OE-Core rev: af1f65b57dbfcaf5fc7c254dce80ac55f3a632cb) Signed-off-by: Sona Sarmadi <sona.sarmadi@enea.com> Signed-off-by: Paul Eggleton <paul.eggleton@linux.intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> |
||
---|---|---|
.. | ||
Fix-for-bash-exported-function-namespace-change.patch | ||
build-tests.patch | ||
cve-2014-6271.patch | ||
cve-2014-7169.patch | ||
execute_cmd.patch | ||
mkbuiltins_have_stringize.patch | ||
run-ptest | ||
test-output.patch |