diff --git a/bash.spec b/bash.spec index 6e18737..3d4ff8c 100644 --- a/bash.spec +++ b/bash.spec @@ -1,6 +1,6 @@ #% define beta_tag rc2 %global _hardened_build 1 -%define patchleveltag .33 +%define patchleveltag .39 %define baseversion 4.3 %bcond_without tests %{!?_pkgdocdir: %global _pkgdocdir %{_docdir}/%{name}-%{version}} @@ -8,7 +8,7 @@ Version: %{baseversion}%{patchleveltag} Name: bash Summary: The GNU Bourne Again shell -Release: 3%{?dist} +Release: 1%{?dist} Group: System Environment/Shells License: GPLv3+ Url: http://www.gnu.org/software/bash @@ -64,6 +64,12 @@ Patch030: ftp://ftp.gnu.org/gnu/bash/bash-4.3-patches/bash43-030 Patch031: ftp://ftp.gnu.org/gnu/bash/bash-4.3-patches/bash43-031 Patch032: ftp://ftp.gnu.org/gnu/bash/bash-4.3-patches/bash43-032 Patch033: ftp://ftp.gnu.org/gnu/bash/bash-4.3-patches/bash43-033 +Patch034: ftp://ftp.gnu.org/gnu/bash/bash-4.3-patches/bash43-034 +Patch035: ftp://ftp.gnu.org/gnu/bash/bash-4.3-patches/bash43-035 +Patch036: ftp://ftp.gnu.org/gnu/bash/bash-4.3-patches/bash43-036 +Patch037: ftp://ftp.gnu.org/gnu/bash/bash-4.3-patches/bash43-037 +Patch038: ftp://ftp.gnu.org/gnu/bash/bash-4.3-patches/bash43-038 +Patch039: ftp://ftp.gnu.org/gnu/bash/bash-4.3-patches/bash43-039 # Other patches @@ -116,7 +122,7 @@ Patch127: bash-4.2-trap.patch Patch128: bash-4.3-man-ulimit.patch # A series of patches emitted by upstream since 4.3-18 -Patch131: bash-4.3-parse-time-keyword.patch +#Patch131: bash-4.3-parse-time-keyword.patch Patch134: bash-4.3-pathexp-globignore-delim.patch # 1102815 - fix double echoes in vi visual mode @@ -181,6 +187,12 @@ This package contains documentation files for %{name}. %patch031 -p0 -b .031 %patch032 -p0 -b .032 %patch033 -p0 -b .033 +%patch034 -p0 -b .034 +%patch035 -p0 -b .035 +%patch036 -p0 -b .036 +%patch037 -p0 -b .037 +%patch038 -p0 -b .038 +%patch039 -p0 -b .039 # Other patches %patch101 -p1 -b .security @@ -208,7 +220,7 @@ This package contains documentation files for %{name}. %patch123 -p1 %patch125 -p1 -b .size_type %patch128 -p1 -b .ulimit -%patch131 -p0 -b .keyword +#%patch131 -p0 -b .keyword %patch134 -p0 -b .delim %patch135 -p1 -b .noecho @@ -409,6 +421,9 @@ end %doc doc/*.ps doc/*.0 doc/*.html doc/article.txt %changelog +* Thu May 21 2015 Ondrej Oprala - 4.3.39-1 +- Patchlevel 39 + * Mon Mar 16 2015 Than Ngo 4.3.33-3 - rebuild against new gcc diff --git a/bash43-034 b/bash43-034 new file mode 100644 index 0000000..17372aa --- /dev/null +++ b/bash43-034 @@ -0,0 +1,90 @@ + BASH PATCH REPORT + ================= + +Bash-Release: 4.3 +Patch-ID: bash43-034 + +Bug-Reported-by: Dreamcat4 +Bug-Reference-ID: +Bug-Reference-URL: http://lists.gnu.org/archive/html/bug-bash/2015-05/msg00001.html + +Bug-Description: + +If neither the -f nor -v options is supplied to unset, and a name argument is +found to be a function and unset, subsequent name arguments are not treated as +variables before attempting to unset a function by that name. + +Patch (apply with `patch -p0'): + +*** ../bash-4.3-patched/builtins/set.def 2013-04-19 07:20:34.000000000 -0400 +--- builtins/set.def 2015-05-05 13:25:36.000000000 -0400 +*************** +*** 752,758 **** +--- 797,805 ---- + { + int unset_function, unset_variable, unset_array, opt, nameref, any_failed; ++ int global_unset_func, global_unset_var; + char *name; + + unset_function = unset_variable = unset_array = nameref = any_failed = 0; ++ global_unset_func = global_unset_var = 0; + + reset_internal_getopt (); +*************** +*** 762,769 **** + { + case 'f': +! unset_function = 1; + break; + case 'v': +! unset_variable = 1; + break; + case 'n': +--- 809,816 ---- + { + case 'f': +! global_unset_func = 1; + break; + case 'v': +! global_unset_var = 1; + break; + case 'n': +*************** +*** 778,782 **** + list = loptend; + +! if (unset_function && unset_variable) + { + builtin_error (_("cannot simultaneously unset a function and a variable")); +--- 825,829 ---- + list = loptend; + +! if (global_unset_func && global_unset_var) + { + builtin_error (_("cannot simultaneously unset a function and a variable")); +*************** +*** 796,799 **** +--- 843,849 ---- + name = list->word->word; + ++ unset_function = global_unset_func; ++ unset_variable = global_unset_var; ++ + #if defined (ARRAY_VARS) + unset_array = 0; + +*** ../bash-4.3/patchlevel.h 2012-12-29 10:47:57.000000000 -0500 +--- patchlevel.h 2014-03-20 20:01:28.000000000 -0400 +*************** +*** 26,30 **** + looks for to find the patch level (for the sccs version string). */ + +! #define PATCHLEVEL 33 + + #endif /* _PATCHLEVEL_H_ */ +--- 26,30 ---- + looks for to find the patch level (for the sccs version string). */ + +! #define PATCHLEVEL 34 + + #endif /* _PATCHLEVEL_H_ */ diff --git a/bash43-035 b/bash43-035 new file mode 100644 index 0000000..f18bc60 --- /dev/null +++ b/bash43-035 @@ -0,0 +1,63 @@ + BASH PATCH REPORT + ================= + +Bash-Release: 4.3 +Patch-ID: bash43-035 + +Bug-Reported-by: +Bug-Reference-ID: +Bug-Reference-URL: http://lists.gnu.org/archive/html/bug-bash/2014-08/msg00045.html + +Bug-Description: + +A locale with a long name can trigger a buffer overflow and core dump. This +applies on systems that do not have locale_charset in libc, are not using +GNU libiconv, and are not using the libintl that ships with bash in lib/intl. + +Patch (apply with `patch -p0'): + +*** ../bash-4.3-patched/lib/sh/unicode.c 2014-01-30 16:47:19.000000000 -0500 +--- lib/sh/unicode.c 2015-05-01 08:58:30.000000000 -0400 +*************** +*** 79,83 **** + if (s) + { +! strcpy (charsetbuf, s+1); + t = strchr (charsetbuf, '@'); + if (t) +--- 79,84 ---- + if (s) + { +! strncpy (charsetbuf, s+1, sizeof (charsetbuf) - 1); +! charsetbuf[sizeof (charsetbuf) - 1] = '\0'; + t = strchr (charsetbuf, '@'); + if (t) +*************** +*** 85,89 **** + return charsetbuf; + } +! strcpy (charsetbuf, locale); + return charsetbuf; + } +--- 86,91 ---- + return charsetbuf; + } +! strncpy (charsetbuf, locale, sizeof (charsetbuf) - 1); +! charsetbuf[sizeof (charsetbuf) - 1] = '\0'; + return charsetbuf; + } +*** ../bash-4.3/patchlevel.h 2012-12-29 10:47:57.000000000 -0500 +--- patchlevel.h 2014-03-20 20:01:28.000000000 -0400 +*************** +*** 26,30 **** + looks for to find the patch level (for the sccs version string). */ + +! #define PATCHLEVEL 34 + + #endif /* _PATCHLEVEL_H_ */ +--- 26,30 ---- + looks for to find the patch level (for the sccs version string). */ + +! #define PATCHLEVEL 35 + + #endif /* _PATCHLEVEL_H_ */ diff --git a/bash43-036 b/bash43-036 new file mode 100644 index 0000000..5b42c24 --- /dev/null +++ b/bash43-036 @@ -0,0 +1,57 @@ + BASH PATCH REPORT + ================= + +Bash-Release: 4.3 +Patch-ID: bash43-036 + +Bug-Reported-by: emanuelczirai@cryptolab.net +Bug-Reference-ID: +Bug-Reference-URL: http://lists.gnu.org/archive/html/bug-bash/2015-02/msg00071.html + +Bug-Description: + +When evaluating and setting integer variables, and the assignment fails to +create a variable (for example, when performing an operation on an array +variable with an invalid subscript), bash attempts to dereference a null +pointer, causing a segmentation violation. + +Patch (apply with `patch -p0'): + +*** ../bash-20150206/variables.c 2015-01-23 20:39:27.000000000 -0500 +--- variables.c 2015-02-19 13:56:12.000000000 -0500 +*************** +*** 2834,2841 **** + v = bind_variable (lhs, rhs, 0); + +! if (v && isint) +! VSETATTR (v, att_integer); +! +! VUNSETATTR (v, att_invisible); + + return (v); +--- 2834,2843 ---- + v = bind_variable (lhs, rhs, 0); + +! if (v) +! { +! if (isint) +! VSETATTR (v, att_integer); +! VUNSETATTR (v, att_invisible); +! } + + return (v); +*** ../bash-4.3/patchlevel.h 2012-12-29 10:47:57.000000000 -0500 +--- patchlevel.h 2014-03-20 20:01:28.000000000 -0400 +*************** +*** 26,30 **** + looks for to find the patch level (for the sccs version string). */ + +! #define PATCHLEVEL 35 + + #endif /* _PATCHLEVEL_H_ */ +--- 26,30 ---- + looks for to find the patch level (for the sccs version string). */ + +! #define PATCHLEVEL 36 + + #endif /* _PATCHLEVEL_H_ */ diff --git a/bash43-037 b/bash43-037 new file mode 100644 index 0000000..f04012b --- /dev/null +++ b/bash43-037 @@ -0,0 +1,43 @@ + BASH PATCH REPORT + ================= + +Bash-Release: 4.3 +Patch-ID: bash43-037 + +Bug-Reported-by: Greg Wooledge +Bug-Reference-ID: <20150204144240.GN13956@eeg.ccf.org> +Bug-Reference-URL: http://lists.gnu.org/archive/html/bug-bash/2015-02/msg00007.html + +Bug-Description: + +If an associative array uses `@' or `*' as a subscript, `declare -p' produces +output that cannot be reused as input. + +Patch (apply with `patch -p0'): + +*** ../bash-4.3-patched/assoc.c 2011-11-05 16:39:05.000000000 -0400 +--- assoc.c 2015-02-04 15:28:25.000000000 -0500 +*************** +*** 437,440 **** +--- 440,445 ---- + if (sh_contains_shell_metas (tlist->key)) + istr = sh_double_quote (tlist->key); ++ else if (ALL_ELEMENT_SUB (tlist->key[0]) && tlist->key[1] == '\0') ++ istr = sh_double_quote (tlist->key); + else + istr = tlist->key; +*** ../bash-4.3/patchlevel.h 2012-12-29 10:47:57.000000000 -0500 +--- patchlevel.h 2014-03-20 20:01:28.000000000 -0400 +*************** +*** 26,30 **** + looks for to find the patch level (for the sccs version string). */ + +! #define PATCHLEVEL 36 + + #endif /* _PATCHLEVEL_H_ */ +--- 26,30 ---- + looks for to find the patch level (for the sccs version string). */ + +! #define PATCHLEVEL 37 + + #endif /* _PATCHLEVEL_H_ */ diff --git a/bash43-038 b/bash43-038 new file mode 100644 index 0000000..e0de74e --- /dev/null +++ b/bash43-038 @@ -0,0 +1,88 @@ + BASH PATCH REPORT + ================= + +Bash-Release: 4.3 +Patch-ID: bash43-038 + +Bug-Reported-by: worley@alum.mit.edu (Dale R. Worley) +Bug-Reference-ID: <201406100051.s5A0pCeB014978@hobgoblin.ariadne.com> +Bug-Reference-URL: http://lists.gnu.org/archive/html/bug-bash/2014-06/msg00028.html + +Bug-Description: + +There are a number of instances where `time' is not recognized as a reserved +word when the shell grammar says it should be. + +Patch (apply with `patch -p0'): + +*** ../bash-4.3-patched/parse.y 2014-04-07 11:56:12.000000000 -0400 +--- parse.y 2014-06-11 10:25:53.000000000 -0400 +*************** +*** 2819,2827 **** + case OR_OR: + case '&': + case DO: + case THEN: + case ELSE: + case '{': /* } */ +! case '(': /* ) */ + case BANG: /* ! time pipeline */ + case TIME: /* time time pipeline */ +--- 2819,2832 ---- + case OR_OR: + case '&': ++ case WHILE: + case DO: ++ case UNTIL: ++ case IF: + case THEN: ++ case ELIF: + case ELSE: + case '{': /* } */ +! case '(': /* )( */ +! case ')': /* only valid in case statement */ + case BANG: /* ! time pipeline */ + case TIME: /* time time pipeline */ +*** ../bash-4.3-patched/y.tab.c 2014-10-05 13:52:50.000000000 -0400 +--- y.tab.c 2015-05-19 15:08:43.000000000 -0400 +*************** +*** 5131,5139 **** + case OR_OR: + case '&': + case DO: + case THEN: + case ELSE: + case '{': /* } */ +! case '(': /* ) */ + case BANG: /* ! time pipeline */ + case TIME: /* time time pipeline */ +--- 5131,5144 ---- + case OR_OR: + case '&': ++ case WHILE: + case DO: ++ case UNTIL: ++ case IF: + case THEN: ++ case ELIF: + case ELSE: + case '{': /* } */ +! case '(': /* )( */ +! case ')': /* only valid in case statement */ + case BANG: /* ! time pipeline */ + case TIME: /* time time pipeline */ +*** ../bash-4.3/patchlevel.h 2012-12-29 10:47:57.000000000 -0500 +--- patchlevel.h 2014-03-20 20:01:28.000000000 -0400 +*************** +*** 26,30 **** + looks for to find the patch level (for the sccs version string). */ + +! #define PATCHLEVEL 37 + + #endif /* _PATCHLEVEL_H_ */ +--- 26,30 ---- + looks for to find the patch level (for the sccs version string). */ + +! #define PATCHLEVEL 38 + + #endif /* _PATCHLEVEL_H_ */ diff --git a/bash43-039 b/bash43-039 new file mode 100644 index 0000000..e5e3887 --- /dev/null +++ b/bash43-039 @@ -0,0 +1,57 @@ + BASH PATCH REPORT + ================= + +Bash-Release: 4.3 +Patch-ID: bash43-039 + +Bug-Reported-by: SN +Bug-Reference-ID: <54E2554C.205@gazeta.pl> +Bug-Reference-URL: http://lists.gnu.org/archive/html/bug-bash/2015-02/msg00060.html + +Bug-Description: + +Using the output of `declare -p' when run in a function can result in variables +that are invisible to `declare -p'. This problem occurs when an assignment +builtin such as `declare' receives a quoted compound array assignment as one of +its arguments. + +Patch (apply with `patch -p0'): + +*** /usr/src/local/bash/bash-4.3-patched/arrayfunc.c 2014-10-01 13:08:48.000000000 -0400 +--- arrayfunc.c 2015-02-19 14:33:05.000000000 -0500 +*************** +*** 405,408 **** +--- 405,411 ---- + else + array_insert (a, i, l->word->word); ++ ++ VUNSETATTR (var, att_invisible); /* no longer invisible */ ++ + return var; + } +*************** +*** 635,638 **** +--- 638,645 ---- + if (nlist) + dispose_words (nlist); ++ ++ if (var) ++ VUNSETATTR (var, att_invisible); /* no longer invisible */ ++ + return (var); + } +*** ../bash-4.3/patchlevel.h 2012-12-29 10:47:57.000000000 -0500 +--- patchlevel.h 2014-03-20 20:01:28.000000000 -0400 +*************** +*** 26,30 **** + looks for to find the patch level (for the sccs version string). */ + +! #define PATCHLEVEL 38 + + #endif /* _PATCHLEVEL_H_ */ +--- 26,30 ---- + looks for to find the patch level (for the sccs version string). */ + +! #define PATCHLEVEL 39 + + #endif /* _PATCHLEVEL_H_ */