-
Committer:
Package Import Robot
-
Author(s):
Marc Deslauriers
-
Date:
2014-10-07 11:05:06 UTC
-
mfrom:
(61.1.4 precise-security)
-
Revision ID:
package-import@ubuntu.com-20141007110506-uewqe9a1okmt0z9h
Tags: 4.2-2ubuntu2.6
* SECURITY UPDATE: incorrect function definition parsing with
here-document delimited by end-of-file
- debian/patches/CVE-2014-6277.diff: properly handle closing delimiter
in bash/copy_cmd.c, bash/make_cmd.c.
- CVE-2014-6277
* SECURITY UPDATE: incorrect function definition parsing via nested
command substitutions
- debian/patches/CVE-2014-6278.diff: properly handle certain parsing
attempts in bash/builtins/evalstring.c, bash/parse.y, bash/shell.h.
- CVE-2014-6278
* Updated patches with official upstream versions:
- debian/patches/CVE-2014-6271.diff
- debian/patches/CVE-2014-7169.diff
- debian/patches/variables-affix.diff
- debian/patches/CVE-2014-718x.diff