[OE-core] bash: Fix CVE-2019-18276
Andrey Zhizhikin
andrey.z at gmail.com
Mon Feb 17 06:44:06 UTC 2020
On Mon, Feb 17, 2020 at 4:26 AM Phil Reid <preid at electromag.com.au> wrote:
>
> Hi All,
>
> I recently started get the following failure with bash after "b348e31c93f0 bash: Fix CVE-2019-18276"
> was applied to zeus.
>
> Any thoughts?
>
>
> NOTE: Applying patch 'bash50-001' (downloads/bash50-001)
> NOTE: Applying patch 'bash50-002' (downloads/bash50-002)
> NOTE: Applying patch 'bash50-003' (downloads/bash50-003)
> NOTE: Applying patch 'bash50-004' (downloads/bash50-004)
> NOTE: Applying patch 'bash50-005' (downloads/bash50-005)
> NOTE: Applying patch 'bash50-006' (downloads/bash50-006)
> NOTE: Applying patch 'bash50-007' (downloads/bash50-007)
> NOTE: Applying patch 'execute_cmd.patch' (layers/openembedded-core/meta/recipes-extended/bash/bash/execute_cmd.patch)
> NOTE: Applying patch 'mkbuiltins_have_stringize.patch' (layers/openembedded-core/meta/recipes-extended/bash/bash/mkbuiltins_have_stringize.patch)
> NOTE: Applying patch 'build-tests.patch' (layers/openembedded-core/meta/recipes-extended/bash/bash/build-tests.patch)
> NOTE: Applying patch 'test-output.patch' (layers/openembedded-core/meta/recipes-extended/bash/bash/test-output.patch)
> NOTE: Applying patch 'fix-run-builtins.patch' (layers/openembedded-core/meta/recipes-extended/bash/bash/fix-run-builtins.patch)
> NOTE: Applying patch 'bash-CVE-2019-18276.patch' (layers/openembedded-core/meta/recipes-extended/bash/bash/bash-CVE-2019-18276.patch)
> ERROR: Command Error: 'quilt --quiltrc
> /home/preid/dev/linux/v2019.11/tmp-glibc/work/cortexa9t2hf-neon-emit-linux-gnueabi/bash/5.0-r0/recipe-sysroot-native/etc/quiltrc push' exited with 0 Output:
> Applying patch bash-CVE-2019-18276.patch
> patching file MANIFEST
> patching file bashline.c
> patching file builtins/help.def
> patching file config.h.in
> patching file configure
> Hunk #1 FAILED at 10281.
> 1 out of 1 hunk FAILED -- rejects in file configure
> patching file configure.ac
> patching file doc/bash.1
> patching file doc/bashref.texi
> patching file lib/glob/glob.c
> patching file pathexp.c
> patching file shell.c
> patching file tests/glob.tests
> patching file tests/glob6.sub
> patching file tests/glob7.sub
> Patch bash-CVE-2019-18276.patch does not apply (enforce with -f)
> DEBUG: Python function patch_do_patch finished
> DEBUG: Python function do_patch finished
Had the same issue the day before, re-building bash clean solved it.
At first I wanted to report it as well, but then after I tried "-c
cleanall" - the issue was gone.
Try to do a clean build of bash and see if it is still reproducible.
>
> --
> Regards
> Phil Reid
>
> ElectroMagnetic Imaging Technology Pty Ltd
> Development of Geophysical Instrumentation & Software
> www.electromag.com.au
>
> 3 The Avenue, Midland WA 6056, AUSTRALIA
> Ph: +61 8 9250 8100
> Fax: +61 8 9250 7100
> Email: preid at electromag.com.au
> --
> _______________________________________________
> Openembedded-core mailing list
> Openembedded-core at lists.openembedded.org
> http://lists.openembedded.org/mailman/listinfo/openembedded-core
--
Regards,
Andrey.
More information about the Openembedded-core
mailing list