[Buildroot] [PATCH next 2/2] bash: bump version to 4.4
Vicente Olivert Riera
Vincent.Riera at imgtec.com
Tue Nov 29 12:59:23 UTC 2016
Hi Thomas,
On 29/11/16 12:40, Thomas Petazzoni wrote:
> Hello,
>
> On Tue, 29 Nov 2016 12:24:04 +0000, Vicente Olivert Riera wrote:
>> Signed-off-by: Vicente Olivert Riera <Vincent.Riera at imgtec.com>
>> ---
>> Notes to maintainer
>> - This new version contains a small security fix. From
>> http://tiswww.case.edu/php/chet/bash/NEWS:
>>
>> "Shells running as root no longer inherit PS4 from the environment,
>> closing a security hole involving PS4 expansion performing command
>> substitution."
>>
>> However, taking into account that bash is a critical package and the
>> 2016.11 release is very close I've marked this patch as "next".
>
> "is a critical package" or "is *NOT* a critical package" ? If it's a
> critical package like you suggest, then perhaps we want it in master
> anyway ?
It *IS*, that's why I thought you may not want to have such a big
changes in master so close to the next release if you consider that
security fix is not very important.
Of course, if you think it's important then apply it to master.
I'm gonna test more reverse dependencies of readline by the way. I'll
let you know how it goes.
Vincent
>
> Thanks,
>
> Thomas
>
More information about the buildroot
mailing list