BASH PATCH REPORT
                            =================

Bash-Release:   4.3
Patch-ID:       bash43-048

Bug-Reported-by:        [email protected]
Bug-Reference-ID:       <[email protected]>
Bug-Reference-URL:      http://lists.gnu.org/archive/html/bug-bash/2015-12/msg00054.html

Bug-Description:

If a malicious user can inject a value of $SHELLOPTS containing `xtrace'
and a value for $PS4 that includes a command substitution into a shell
running as root, bash will expand the command substitution as part of
expanding $PS4 when it executes a traced command.

Patch (apply with `patch -p0'):

*** ../bash-4.3-patched/variables.c     2015-11-26 12:31:21.000000000 -0500
--- variables.c 2015-12-23 10:19:01.000000000 -0500
***************
*** 496,500 ****
       set_if_not ("PS2", secondary_prompt);
     }
!   set_if_not ("PS4", "+ ");

   /* Don't allow IFS to be imported from the environment. */
--- 496,504 ----
       set_if_not ("PS2", secondary_prompt);
     }
!
!   if (current_user.euid == 0)
!     bind_variable ("PS4", "+ ", 0);
!   else
!     set_if_not ("PS4", "+ ");

   /* Don't allow IFS to be imported from the environment. */

*** ../bash-4.3/patchlevel.h    2012-12-29 10:47:57.000000000 -0500
--- patchlevel.h        2014-03-20 20:01:28.000000000 -0400
***************
*** 26,30 ****
    looks for to find the patch level (for the sccs version string). */

! #define PATCHLEVEL 47

 #endif /* _PATCHLEVEL_H_ */
--- 26,30 ----
    looks for to find the patch level (for the sccs version string). */

! #define PATCHLEVEL 48

 #endif /* _PATCHLEVEL_H_ */

You are viewing proxied material from ftp.icm.edu.pl. The copyright of proxied material belongs to its original authors. Any comments or complaints in relation to proxied material should be directed to the original authors of the content concerned. Please see the disclaimer for more details.