[bash/f19] Patchlevel 48

[Ondrej Oprala]

commit bcac4b808be5c999f92ff7e029a97a122b8c6003
Author: Ondrej Oprala <ooprala at redhat.com>
Date:   Thu Sep 25 22:16:09 2014 +0200

    Patchlevel 48

 bash.spec                                  |   13 ++++++-----
 bash-4.2-cve-2014-6271.patch => bash42-048 |   32 ++++++++++++++++++++++++++++
 2 files changed, 39 insertions(+), 6 deletions(-)
---
diff --git a/bash.spec b/bash.spec
index a32c830..b6fe045 100644
--- a/bash.spec
+++ b/bash.spec
@@ -1,12 +1,12 @@
 #% define beta_tag rc2
-%define patchleveltag .47
+%define patchleveltag .48
 %define baseversion 4.2
 %bcond_without tests
 
 Version: %{baseversion}%{patchleveltag}
 Name: bash
 Summary: The GNU Bourne Again shell
-Release: 2%{?dist}
+Release: 1%{?dist}
 Group: System Environment/Shells
 License: GPLv3+
 Url: http://www.gnu.org/software/bash
@@ -67,6 +67,7 @@ Patch044: ftp://ftp.gnu.org/pub/gnu/bash/bash-4.2-patches/bash42-044
 Patch045: ftp://ftp.gnu.org/pub/gnu/bash/bash-4.2-patches/bash42-045
 Patch046: ftp://ftp.gnu.org/pub/gnu/bash/bash-4.2-patches/bash42-046
 Patch047: ftp://ftp.gnu.org/pub/gnu/bash/bash-4.2-patches/bash42-047
+Patch048: ftp://ftp.gnu.org/pub/gnu/bash/bash-4.2-patches/bash42-048
 
 # Other patches
 Patch101: bash-2.02-security.patch
@@ -117,9 +118,6 @@ Patch125: bash-4.2-size_type.patch
 # 903833, Fix missing close(), fixes fd leaks
 Patch126: bash-4.2-missing_closes.patch
 
-# CVE-2014-6271
-Patch127: bash-4.2-cve-2014-6271.patch
-
 BuildRequires: texinfo bison
 BuildRequires: ncurses-devel
 BuildRequires: autoconf, gettext
@@ -195,6 +193,7 @@ This package contains documentation files for %{name}.
 %patch045 -p0 -b .045
 %patch046 -p0 -b .046
 %patch047 -p0 -b .047
+%patch048 -p0 -b .048
 
 # Other patches
 %patch101 -p1 -b .security
@@ -223,7 +222,6 @@ This package contains documentation files for %{name}.
 %patch124 -p1 -b .signal
 %patch125 -p1 -b .size_type
 %patch126 -p1 -b .missing_closes
-%patch127 -p0 -b .6271
 
 echo %{version} > _distribution
 echo %{release} > _patchlevel
@@ -416,6 +414,9 @@ end
 #%doc doc/*.ps doc/*.0 doc/*.html doc/article.txt
 
 %changelog
+* Thu Sep 25 2014 Ondrej Oprala <ooprala at redhat.com - 4.2.48-1
+- Patchlevel 48
+
 * Wed Sep 24 2014 Ondrej Oprala <ooprala at redhat.com - 4.2.47-2
 - Inhibit code injection - patch by Stephane Chazelas
 
diff --git a/bash-4.2-cve-2014-6271.patch b/bash42-048
similarity index 75%
rename from bash-4.2-cve-2014-6271.patch
rename to bash42-048
index 54e2b89..d6097fb 100644
--- a/bash-4.2-cve-2014-6271.patch
+++ b/bash42-048
@@ -1,3 +1,20 @@
+			     BASH PATCH REPORT
+			     =================
+
+Bash-Release:	4.2
+Patch-ID:	bash42-048
+
+Bug-Reported-by:	Stephane Chazelas <stephane.chazelas at gmail.com>
+Bug-Reference-ID:
+Bug-Reference-URL:
+
+Bug-Description:
+
+Under certain circumstances, bash will execute user code while processing the
+environment for exported function definitions.
+
+Patch (apply with `patch -p0'):
+
 *** ../bash-4.2.47/builtins/common.h	2010-05-30 18:31:51.000000000 -0400
 --- builtins/common.h	2014-09-16 19:35:45.000000000 -0400
 ***************
@@ -70,3 +87,18 @@
   	}
   #if defined (ARRAY_VARS)
 --- 360,363 ----
+*** ../bash-4.2-patched/patchlevel.h	Sat Jun 12 20:14:48 2010
+--- patchlevel.h	Thu Feb 24 21:41:34 2011
+***************
+*** 26,30 ****
+     looks for to find the patch level (for the sccs version string). */
+  
+! #define PATCHLEVEL 47
+  
+  #endif /* _PATCHLEVEL_H_ */
+--- 26,30 ----
+     looks for to find the patch level (for the sccs version string). */
+  
+! #define PATCHLEVEL 48
+  
+  #endif /* _PATCHLEVEL_H_ */