webadmin/bpfire
1
0
Fork 0
mirror of https://github.com/vincentmli/bpfire.git synced 2026-04-22 08:52:58 +02:00
Code Issues Packages Projects Releases Wiki Activity

bash: Fix for CVE-2014-6271

Browse Source 
A flaw was found in the way Bash evaluated certain specially crafted
environment variables. An attacker could use this flaw to override
or bypass environment restrictions to execute shell commands.
Certain services and applications allow remote unauthenticated
attackers to provide environment variables, allowing them to exploit
this issue.
This commit is contained in:
Michael Tremer
2014-09-24 21:02:22 +02:00
parent 77192e97b9
commit 9445ab4acc
2 changed files with 92 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

1
lfs/bash
View File

@@ -94,6 +94,7 @@ $(TARGET) : $(patsubst %,$(DIR_DL)/%,$(objects))
cd $(DIR_APP) && patch -Np1 < $(DIR_SRC)/src/patches/bash-4.0-paths-1.patch
cd $(DIR_APP) && patch -Np1 < $(DIR_SRC)/src/patches/bash-4.0-profile-1.patch
cd $(DIR_APP) && patch -Np1 < $(DIR_SRC)/src/patches/bash-3.2-ssh_source_bash.patch
cd $(DIR_APP) && patch -Np0 < $(DIR_SRC)/src/patches/bash-4.3-CVE-2014-6271.patch
cd $(DIR_APP) && ./configure $(CONFIGURE_OPTIONS)
cd $(DIR_APP) && make $(MAKETUNING)