From 8add5064c35f64fdf32d4f9b121b8f4c888ba1a2 Mon Sep 17 00:00:00 2001
From: Gustavo Zacarias <gustavo@zacarias.com.ar>
Date: Mon, 13 Aug 2012 10:09:18 -0300
Subject: bash: security bump to version 4.2 pl37

Bump bash to version 4.2 patchlevel 37.
Fixes CVE-2012-3410.

Signed-off-by: Gustavo Zacarias <gustavo@zacarias.com.ar>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
---
 package/bash/bash-4.2-031.patch | 80 +++++++++++++++++++++++++++++++++++++++++
 1 file changed, 80 insertions(+)
 create mode 100644 package/bash/bash-4.2-031.patch

(limited to 'package/bash/bash-4.2-031.patch')

diff --git a/package/bash/bash-4.2-031.patch b/package/bash/bash-4.2-031.patch
new file mode 100644
index 000000000..d0077f3ef
--- /dev/null
+++ b/package/bash/bash-4.2-031.patch
@@ -0,0 +1,80 @@
+			     BASH PATCH REPORT
+			     =================
+
+Bash-Release:	4.2
+Patch-ID:	bash42-031
+
+Bug-Reported-by:	Max Horn <max@quendi.de>
+Bug-Reference-ID:	<20CC5C60-07C3-4E41-9817-741E48D407C5@quendi.de>
+Bug-Reference-URL:	http://lists.gnu.org/archive/html/bug-readline/2012-06/msg00005.html
+
+Bug-Description:
+
+A change between bash-4.1 and bash-4.2 to prevent the readline input hook
+from being called too frequently had the side effect of causing delays
+when reading pasted input on systems such as Mac OS X.  This patch fixes
+those delays while retaining the bash-4.2 behavior.
+
+Patch (apply with `patch -p0'):
+
+*** ../bash-4.2-patched/lib/readline/input.c	2010-05-30 18:33:01.000000000 -0400
+--- ./lib/readline/input.c	2012-06-25 21:08:42.000000000 -0400
+***************
+*** 410,414 ****
+  rl_read_key ()
+  {
+!   int c;
+  
+    rl_key_sequence_length++;
+--- 412,416 ----
+  rl_read_key ()
+  {
+!   int c, r;
+  
+    rl_key_sequence_length++;
+***************
+*** 430,441 ****
+  	  while (rl_event_hook)
+  	    {
+! 	      if (rl_gather_tyi () < 0)	/* XXX - EIO */
+  		{
+  		  rl_done = 1;
+  		  return ('\n');
+  		}
+  	      RL_CHECK_SIGNALS ();
+- 	      if (rl_get_char (&c) != 0)
+- 		break;
+  	      if (rl_done)		/* XXX - experimental */
+  		return ('\n');
+--- 432,447 ----
+  	  while (rl_event_hook)
+  	    {
+! 	      if (rl_get_char (&c) != 0)
+! 		break;
+! 		
+! 	      if ((r = rl_gather_tyi ()) < 0)	/* XXX - EIO */
+  		{
+  		  rl_done = 1;
+  		  return ('\n');
+  		}
++ 	      else if (r == 1)			/* read something */
++ 		continue;
++ 
+  	      RL_CHECK_SIGNALS ();
+  	      if (rl_done)		/* XXX - experimental */
+  		return ('\n');
+*** ../bash-4.2-patched/patchlevel.h	Sat Jun 12 20:14:48 2010
+--- ./patchlevel.h	Thu Feb 24 21:41:34 2011
+***************
+*** 26,30 ****
+     looks for to find the patch level (for the sccs version string). */
+  
+! #define PATCHLEVEL 30
+  
+  #endif /* _PATCHLEVEL_H_ */
+--- 26,30 ----
+     looks for to find the patch level (for the sccs version string). */
+  
+! #define PATCHLEVEL 31
+  
+  #endif /* _PATCHLEVEL_H_ */
-- 
cgit v1.2.3