bash: patch for CVE-2014-6271 via Novell.

srcpkgs/bash/patches/funcdef-import-4.3.patch

@@ -0,0 +1,93 @@
+CVE-2014-6271: remote code execution through bash
+
+*** builtins/common.h	2013-07-08 16:54:47.000000000 -0400
+--- builtins/common.h	2014-09-12 14:25:47.000000000 -0400
+***************
+*** 34,37 ****
+--- 49,54 ----
+  #define SEVAL_PARSEONLY	0x020
+  #define SEVAL_NOLONGJMP 0x040
++ #define SEVAL_FUNCDEF	0x080		/* only allow function definitions */
++ #define SEVAL_ONECMD	0x100		/* only allow a single command */
+  
+  /* Flags for describe_command, shared between type.def and command.def */
+*** builtins/evalstring.c	2014-02-11 09:42:10.000000000 -0500
+--- builtins/evalstring.c	2014-09-14 14:15:13.000000000 -0400
+***************
+*** 309,312 ****
+--- 313,324 ----
+  	      struct fd_bitmap *bitmap;
+  
++ 	      if ((flags & SEVAL_FUNCDEF) && command->type != cm_function_def)
++ 		{
++ 		  internal_warning ("%s: ignoring function definition attempt", from_file);
++ 		  should_jump_to_top_level = 0;
++ 		  last_result = last_command_exit_value = EX_BADUSAGE;
++ 		  break;
++ 		}
++ 
+  	      bitmap = new_fd_bitmap (FD_BITMAP_SIZE);
+  	      begin_unwind_frame ("pe_dispose");
+***************
+*** 369,372 ****
+--- 381,387 ----
+  	      dispose_fd_bitmap (bitmap);
+  	      discard_unwind_frame ("pe_dispose");
++ 
++ 	      if (flags & SEVAL_ONECMD)
++ 		break;
+  	    }
+  	}
+*** variables.c	2014-05-15 08:26:50.000000000 -0400
+--- variables.c	2014-09-14 14:23:35.000000000 -0400
+***************
+*** 359,369 ****
+  	  strcpy (temp_string + char_index + 1, string);
+  
+! 	  if (posixly_correct == 0 || legal_identifier (name))
+! 	    parse_and_execute (temp_string, name, SEVAL_NONINT|SEVAL_NOHIST);
+! 
+! 	  /* Ancient backwards compatibility.  Old versions of bash exported
+! 	     functions like name()=() {...} */
+! 	  if (name[char_index - 1] == ')' && name[char_index - 2] == '(')
+! 	    name[char_index - 2] = '\0';
+  
+  	  if (temp_var = find_function (name))
+--- 364,372 ----
+  	  strcpy (temp_string + char_index + 1, string);
+  
+! 	  /* Don't import function names that are invalid identifiers from the
+! 	     environment, though we still allow them to be defined as shell
+! 	     variables. */
+! 	  if (legal_identifier (name))
+! 	    parse_and_execute (temp_string, name, SEVAL_NONINT|SEVAL_NOHIST|SEVAL_FUNCDEF|SEVAL_ONECMD);
+  
+  	  if (temp_var = find_function (name))
+***************
+*** 382,389 ****
+  	      report_error (_("error importing function definition for `%s'"), name);
+  	    }
+- 
+- 	  /* ( */
+- 	  if (name[char_index - 1] == ')' && name[char_index - 2] == '\0')
+- 	    name[char_index - 2] = '(';		/* ) */
+  	}
+  #if defined (ARRAY_VARS)
+--- 385,388 ----
+*** subst.c	2014-08-11 11:16:35.000000000 -0400
+--- subst.c	2014-09-12 15:31:04.000000000 -0400
+***************
+*** 8048,8052 ****
+  	  goto return0;
+  	}
+!       else if (var = find_variable_last_nameref (temp1))
+  	{
+  	  temp = nameref_cell (var);
+--- 8118,8124 ----
+  	  goto return0;
+  	}
+!       else if (var && (invisible_p (var) || var_isset (var) == 0))
+! 	temp = (char *)NULL;
+!       else if ((var = find_variable_last_nameref (temp1)) && var_isset (var) && invisible_p (var) == 0)
+  	{
+  	  temp = nameref_cell (var);

srcpkgs/bash/template

@@ -3,7 +3,7 @@ pkgname=bash
 _bash_distver=4.3
 _bash_patchlevel=024
 version=${_bash_distver}.${_bash_patchlevel}
-revision=1
+revision=2
 wrksrc=${pkgname}-${_bash_distver}
 build_style=gnu-configure
 configure_args="--without-bash-malloc --with-curses --with-installed-readline"

srcpkgs/chroot-bash/patches

@@ -0,0 +1 @@
+../bash/patches

srcpkgs/chroot-bash/template

@@ -1,7 +1,7 @@
 # Template build file for 'chroot-bash'.
 pkgname=chroot-bash
 version=4.3
-revision=2
+revision=3
 wrksrc="bash-${version}"
 build_style=gnu-configure
 configure_args="--without-bash-malloc --without-curses --without-installed-readline --disable-nls"