This is the mail archive of the cygwin mailing list for the Cygwin project.

Index Nav: [Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav: [Date Prev] [Date Next] [Thread Prev] [Thread Next]
Other format: [Raw text]

Re: New bash vulnerability.

On 09/24/2014 12:12 PM, David Young wrote:
> Hi,
> I've been seeing some traffic on this new bash vulnerability and
> wanted to know if cygwin team will be updating bash with these
> patches.

Already done.  Upgrade to 4.1.12-5.

> Alternatively, is there a build guide that I can use to compile
> bash-src with this patch myself?  After extracting the cygwin bash-src
> package, I'm unclear as to how to move forward with these src.patch
> cygwin.patch files and also what tools are necessary to build.  I'm
> interested in 3.2.51(now 52 with the patch).

Oh, you're using the OLDER build.  For that, you'll have to do it
yourself; but the easiest trick will be modifying the cygport script
that came with the -src.tar.bz2 file to mention patch 52 instead of
patch 51 as the starting point (it may be as simple as mv
bash-3.2.{51,52}-*.cygport), before using cygport to regenerate the package.

Eric Blake   eblake redhat com    +1-919-301-3266
Libvirt virtualization library

Attachment: signature.asc
Description: OpenPGP digital signature

Index Nav: [Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav: [Date Prev] [Date Next] [Thread Prev] [Thread Next]