[Top][All Lists]

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Patch file bash42-049 is broken

From: Chet Ramey
Subject: Re: Patch file bash42-049 is broken
Date: Sun, 28 Sep 2014 08:32:52 -0400
User-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.9; rv:24.0) Gecko/20100101 Thunderbird/24.6.0

On 9/28/14, 12:51 AM, Deron Meranda wrote:
> I was wondering if anybody was going to address the problem with 4.2 patch
> 49 ?

I've attached a corrected version and I will update the FTP sites today.

> Not only is there a critical line of code missing, but the the 'patch'
> command will also fail when used with the --fuzz=0 option -- which is
> something that rpmbuild (Fedora, etc) uses.

There are no missing lines of code -- the entire patch is one line to
parse.y, which fixes the underlying problem CVE-2014-7169 exploits.


``The lyf so short, the craft so long to lerne.'' - Chaucer
                 ``Ars longa, vita brevis'' - Hippocrates
Chet Ramey, ITS, CWRU    address@hidden    http://cnswww.cns.cwru.edu/~chet/

Attachment: bash42-049.new
Description: Text document

reply via email to

[Prev in Thread] Current Thread [Next in Thread]