notbugAs an Amazon Associate I earn from qualifying purchases.
Want a good read? Try FreeBSD Mastery: Jails (IT Mastery Book 15)
Want a good monitor light? See my photosAll times are UTC
This referral link gives you 10% off a account and gives me a discount on my Fastmail account.
New feature planned: get notified when the package is available. Now is the time to contribute ideas/suggestions.
non port: shells/bash/files/extrapatch-import-functions

Number of commits found: 3

Friday, 30 Sep 2016
17:19 ehaupt search for other commits by this committer
Update to 4.4

Differential Revision:
Original commitRevision:423003 
Sunday, 28 Sep 2014
16:47 bdrewery search for other commits by this committer
- Update to patchlevel 27 which changes how functions are exported.
  This should eliminate the recent vulnerabilities, but keep the
  requirement for --import-functions/IMPORTFUNCTIONS option for now.
- Loosen the --import-functions requirement so it is not needed when running
  an interactive shell. It is already disallowed for privileged/setuid mode.
- Show an error on stderr when an imported function is ignored.
Original commitRevision:369467 
Friday, 26 Sep 2014
20:33 bdrewery search for other commits by this committer
Disable function importing from the environment by default.  This can be
enabled by using --import-functions or enabling the IMPORTFUNCTIONS option.

This removes the risk of further parser bugs leading to code execution, as
well as the risk to setuid scripts and poorly written applications that
do not cleanse their environment [1][2].

Also note that there is an unofficial 4.3.26 floating around that has not yet
been officially released.  r369261 covers the change in 4.3.26.

See also: [1] [2] [3]

Obtained from:	NetBSD (based on) [3]
PR:		193932
Reviewed by:	Eric Vangyzen
With hat:	portmgr
Original commitRevision:369341 

Number of commits found: 3