Patchlevel 39

bash.spec

@@ -1,6 +1,6 @@
 #% define beta_tag rc2
 %global _hardened_build 1
-%define patchleveltag .33
+%define patchleveltag .39
 %define baseversion 4.3
 %bcond_without tests
 %{!?_pkgdocdir: %global _pkgdocdir %{_docdir}/%{name}-%{version}}
@@ -8,7 +8,7 @@
 Version: %{baseversion}%{patchleveltag}
 Name: bash
 Summary: The GNU Bourne Again shell
-Release: 3%{?dist}
+Release: 1%{?dist}
 Group: System Environment/Shells
 License: GPLv3+
 Url: http://www.gnu.org/software/bash
@@ -64,6 +64,12 @@ Patch030: ftp://ftp.gnu.org/gnu/bash/bash-4.3-patches/bash43-030
 Patch031: ftp://ftp.gnu.org/gnu/bash/bash-4.3-patches/bash43-031
 Patch032: ftp://ftp.gnu.org/gnu/bash/bash-4.3-patches/bash43-032
 Patch033: ftp://ftp.gnu.org/gnu/bash/bash-4.3-patches/bash43-033
+Patch034: ftp://ftp.gnu.org/gnu/bash/bash-4.3-patches/bash43-034
+Patch035: ftp://ftp.gnu.org/gnu/bash/bash-4.3-patches/bash43-035
+Patch036: ftp://ftp.gnu.org/gnu/bash/bash-4.3-patches/bash43-036
+Patch037: ftp://ftp.gnu.org/gnu/bash/bash-4.3-patches/bash43-037
+Patch038: ftp://ftp.gnu.org/gnu/bash/bash-4.3-patches/bash43-038
+Patch039: ftp://ftp.gnu.org/gnu/bash/bash-4.3-patches/bash43-039
 
 
 # Other patches
@@ -116,7 +122,7 @@ Patch127: bash-4.2-trap.patch
 Patch128: bash-4.3-man-ulimit.patch
 
 # A series of patches emitted by upstream since 4.3-18
-Patch131: bash-4.3-parse-time-keyword.patch
+#Patch131: bash-4.3-parse-time-keyword.patch
 Patch134: bash-4.3-pathexp-globignore-delim.patch
 
 # 1102815 - fix double echoes in vi visual mode
@@ -181,6 +187,12 @@ This package contains documentation files for %{name}.
 %patch031 -p0 -b .031
 %patch032 -p0 -b .032
 %patch033 -p0 -b .033
+%patch034 -p0 -b .034
+%patch035 -p0 -b .035
+%patch036 -p0 -b .036
+%patch037 -p0 -b .037
+%patch038 -p0 -b .038
+%patch039 -p0 -b .039
 
 # Other patches
 %patch101 -p1 -b .security
@@ -208,7 +220,7 @@ This package contains documentation files for %{name}.
 %patch123 -p1
 %patch125 -p1 -b .size_type
 %patch128 -p1 -b .ulimit
-%patch131 -p0 -b .keyword
+#%patch131 -p0 -b .keyword
 %patch134 -p0 -b .delim
 %patch135 -p1 -b .noecho
 
@@ -409,6 +421,9 @@ end
 %doc doc/*.ps doc/*.0 doc/*.html doc/article.txt
 
 %changelog
+* Thu May 21 2015 Ondrej Oprala <ooprala@redhat.com> - 4.3.39-1
+- Patchlevel 39
+
 * Mon Mar 16 2015 Than Ngo <than@redhat.com> 4.3.33-3
 - rebuild against new gcc
 

bash43-034

@@ -0,0 +1,90 @@
+			     BASH PATCH REPORT
+			     =================
+
+Bash-Release:	4.3
+Patch-ID:	bash43-034
+
+Bug-Reported-by:	Dreamcat4 <dreamcat4@gmail.com>
+Bug-Reference-ID:	<CAN39uTpAEs2GFu4ebC_SfSVMRTh-DJ9YanrY4BZZ3OO+CCHjng@mail.gmail.com>
+Bug-Reference-URL:	http://lists.gnu.org/archive/html/bug-bash/2015-05/msg00001.html
+
+Bug-Description:
+
+If neither the -f nor -v options is supplied to unset, and a name argument is
+found to be a function and unset, subsequent name arguments are not treated as
+variables before attempting to unset a function by that name.
+
+Patch (apply with `patch -p0'):
+
+*** ../bash-4.3-patched/builtins/set.def	2013-04-19 07:20:34.000000000 -0400
+--- builtins/set.def	2015-05-05 13:25:36.000000000 -0400
+***************
+*** 752,758 ****
+--- 797,805 ----
+  {
+    int unset_function, unset_variable, unset_array, opt, nameref, any_failed;
++   int global_unset_func, global_unset_var;
+    char *name;
+  
+    unset_function = unset_variable = unset_array = nameref = any_failed = 0;
++   global_unset_func = global_unset_var = 0;
+  
+    reset_internal_getopt ();
+***************
+*** 762,769 ****
+  	{
+  	case 'f':
+! 	  unset_function = 1;
+  	  break;
+  	case 'v':
+! 	  unset_variable = 1;
+  	  break;
+  	case 'n':
+--- 809,816 ----
+  	{
+  	case 'f':
+! 	  global_unset_func = 1;
+  	  break;
+  	case 'v':
+! 	  global_unset_var = 1;
+  	  break;
+  	case 'n':
+***************
+*** 778,782 ****
+    list = loptend;
+  
+!   if (unset_function && unset_variable)
+      {
+        builtin_error (_("cannot simultaneously unset a function and a variable"));
+--- 825,829 ----
+    list = loptend;
+  
+!   if (global_unset_func && global_unset_var)
+      {
+        builtin_error (_("cannot simultaneously unset a function and a variable"));
+***************
+*** 796,799 ****
+--- 843,849 ----
+        name = list->word->word;
+  
++       unset_function = global_unset_func;
++       unset_variable = global_unset_var;
++ 
+  #if defined (ARRAY_VARS)
+        unset_array = 0;
+
+*** ../bash-4.3/patchlevel.h	2012-12-29 10:47:57.000000000 -0500
+--- patchlevel.h	2014-03-20 20:01:28.000000000 -0400
+***************
+*** 26,30 ****
+     looks for to find the patch level (for the sccs version string). */
+  
+! #define PATCHLEVEL 33
+  
+  #endif /* _PATCHLEVEL_H_ */
+--- 26,30 ----
+     looks for to find the patch level (for the sccs version string). */
+  
+! #define PATCHLEVEL 34
+  
+  #endif /* _PATCHLEVEL_H_ */

bash43-035

@@ -0,0 +1,63 @@
+			     BASH PATCH REPORT
+			     =================
+
+Bash-Release:	4.3
+Patch-ID:	bash43-035
+
+Bug-Reported-by:	<romerox.adrian@gmail.com>
+Bug-Reference-ID:	<CABV5r3zhPXmSKUe9uedeGc5YFBM2njJ1iVmY2h5neWdQpDBQug@mail.gmail.com>
+Bug-Reference-URL:	http://lists.gnu.org/archive/html/bug-bash/2014-08/msg00045.html
+
+Bug-Description:
+
+A locale with a long name can trigger a buffer overflow and core dump.  This
+applies on systems that do not have locale_charset in libc, are not using
+GNU libiconv, and are not using the libintl that ships with bash in lib/intl.
+
+Patch (apply with `patch -p0'):
+
+*** ../bash-4.3-patched/lib/sh/unicode.c	2014-01-30 16:47:19.000000000 -0500
+--- lib/sh/unicode.c	2015-05-01 08:58:30.000000000 -0400
+***************
+*** 79,83 ****
+    if (s)
+      {
+!       strcpy (charsetbuf, s+1);
+        t = strchr (charsetbuf, '@');
+        if (t)
+--- 79,84 ----
+    if (s)
+      {
+!       strncpy (charsetbuf, s+1, sizeof (charsetbuf) - 1);
+!       charsetbuf[sizeof (charsetbuf) - 1] = '\0';
+        t = strchr (charsetbuf, '@');
+        if (t)
+***************
+*** 85,89 ****
+        return charsetbuf;
+      }
+!   strcpy (charsetbuf, locale);
+    return charsetbuf;
+  }
+--- 86,91 ----
+        return charsetbuf;
+      }
+!   strncpy (charsetbuf, locale, sizeof (charsetbuf) - 1);
+!   charsetbuf[sizeof (charsetbuf) - 1] = '\0';
+    return charsetbuf;
+  }
+*** ../bash-4.3/patchlevel.h	2012-12-29 10:47:57.000000000 -0500
+--- patchlevel.h	2014-03-20 20:01:28.000000000 -0400
+***************
+*** 26,30 ****
+     looks for to find the patch level (for the sccs version string). */
+  
+! #define PATCHLEVEL 34
+  
+  #endif /* _PATCHLEVEL_H_ */
+--- 26,30 ----
+     looks for to find the patch level (for the sccs version string). */
+  
+! #define PATCHLEVEL 35
+  
+  #endif /* _PATCHLEVEL_H_ */

bash43-036

@@ -0,0 +1,57 @@
+			     BASH PATCH REPORT
+			     =================
+
+Bash-Release:	4.3
+Patch-ID:	bash43-036
+
+Bug-Reported-by:	emanuelczirai@cryptolab.net
+Bug-Reference-ID:	<f962e4f556da5ebfadaf7afe9c78a8cb@cryptolab.net>
+Bug-Reference-URL:	http://lists.gnu.org/archive/html/bug-bash/2015-02/msg00071.html
+
+Bug-Description:
+
+When evaluating and setting integer variables, and the assignment fails to
+create a variable (for example, when performing an operation on an array
+variable with an invalid subscript), bash attempts to dereference a null
+pointer, causing a segmentation violation.
+
+Patch (apply with `patch -p0'):
+
+*** ../bash-20150206/variables.c	2015-01-23 20:39:27.000000000 -0500
+--- variables.c	2015-02-19 13:56:12.000000000 -0500
+***************
+*** 2834,2841 ****
+      v = bind_variable (lhs, rhs, 0);
+  
+!   if (v && isint)
+!     VSETATTR (v, att_integer);
+! 
+!   VUNSETATTR (v, att_invisible);
+  
+    return (v);
+--- 2834,2843 ----
+      v = bind_variable (lhs, rhs, 0);
+  
+!   if (v)
+!     {
+!       if (isint)
+! 	VSETATTR (v, att_integer);
+!       VUNSETATTR (v, att_invisible);
+!     }
+  
+    return (v);
+*** ../bash-4.3/patchlevel.h	2012-12-29 10:47:57.000000000 -0500
+--- patchlevel.h	2014-03-20 20:01:28.000000000 -0400
+***************
+*** 26,30 ****
+     looks for to find the patch level (for the sccs version string). */
+  
+! #define PATCHLEVEL 35
+  
+  #endif /* _PATCHLEVEL_H_ */
+--- 26,30 ----
+     looks for to find the patch level (for the sccs version string). */
+  
+! #define PATCHLEVEL 36
+  
+  #endif /* _PATCHLEVEL_H_ */

bash43-037

@@ -0,0 +1,43 @@
+			     BASH PATCH REPORT
+			     =================
+
+Bash-Release:	4.3
+Patch-ID:	bash43-037
+
+Bug-Reported-by:	Greg Wooledge <wooledg@eeg.ccf.org>
+Bug-Reference-ID:	<20150204144240.GN13956@eeg.ccf.org>
+Bug-Reference-URL:	http://lists.gnu.org/archive/html/bug-bash/2015-02/msg00007.html
+
+Bug-Description:
+
+If an associative array uses `@' or `*' as a subscript, `declare -p' produces
+output that cannot be reused as input.
+
+Patch (apply with `patch -p0'):
+
+*** ../bash-4.3-patched/assoc.c	2011-11-05 16:39:05.000000000 -0400
+--- assoc.c	2015-02-04 15:28:25.000000000 -0500
+***************
+*** 437,440 ****
+--- 440,445 ----
+  	if (sh_contains_shell_metas (tlist->key))
+  	  istr = sh_double_quote (tlist->key);
++ 	else if (ALL_ELEMENT_SUB (tlist->key[0]) && tlist->key[1] == '\0')
++ 	  istr = sh_double_quote (tlist->key);	
+  	else
+  	  istr = tlist->key;	
+*** ../bash-4.3/patchlevel.h	2012-12-29 10:47:57.000000000 -0500
+--- patchlevel.h	2014-03-20 20:01:28.000000000 -0400
+***************
+*** 26,30 ****
+     looks for to find the patch level (for the sccs version string). */
+  
+! #define PATCHLEVEL 36
+  
+  #endif /* _PATCHLEVEL_H_ */
+--- 26,30 ----
+     looks for to find the patch level (for the sccs version string). */
+  
+! #define PATCHLEVEL 37
+  
+  #endif /* _PATCHLEVEL_H_ */

bash43-038

@@ -0,0 +1,88 @@
+			     BASH PATCH REPORT
+			     =================
+
+Bash-Release:	4.3
+Patch-ID:	bash43-038
+
+Bug-Reported-by:	worley@alum.mit.edu (Dale R. Worley)
+Bug-Reference-ID:	<201406100051.s5A0pCeB014978@hobgoblin.ariadne.com>
+Bug-Reference-URL:	http://lists.gnu.org/archive/html/bug-bash/2014-06/msg00028.html
+
+Bug-Description:
+
+There are a number of instances where `time' is not recognized as a reserved
+word when the shell grammar says it should be.
+
+Patch (apply with `patch -p0'):
+
+*** ../bash-4.3-patched/parse.y	2014-04-07 11:56:12.000000000 -0400
+--- parse.y	2014-06-11 10:25:53.000000000 -0400
+***************
+*** 2819,2827 ****
+      case OR_OR:
+      case '&':
+      case DO:
+      case THEN:
+      case ELSE:
+      case '{':		/* } */
+!     case '(':		/* ) */
+      case BANG:		/* ! time pipeline */
+      case TIME:		/* time time pipeline */
+--- 2819,2832 ----
+      case OR_OR:
+      case '&':
++     case WHILE:
+      case DO:
++     case UNTIL:
++     case IF:
+      case THEN:
++     case ELIF:
+      case ELSE:
+      case '{':		/* } */
+!     case '(':		/* )( */
+!     case ')':		/* only valid in case statement */
+      case BANG:		/* ! time pipeline */
+      case TIME:		/* time time pipeline */
+*** ../bash-4.3-patched/y.tab.c	2014-10-05 13:52:50.000000000 -0400
+--- y.tab.c	2015-05-19 15:08:43.000000000 -0400
+***************
+*** 5131,5139 ****
+      case OR_OR:
+      case '&':
+      case DO:
+      case THEN:
+      case ELSE:
+      case '{':		/* } */
+!     case '(':		/* ) */
+      case BANG:		/* ! time pipeline */
+      case TIME:		/* time time pipeline */
+--- 5131,5144 ----
+      case OR_OR:
+      case '&':
++     case WHILE:
+      case DO:
++     case UNTIL:
++     case IF:
+      case THEN:
++     case ELIF:
+      case ELSE:
+      case '{':		/* } */
+!     case '(':		/* )( */
+!     case ')':		/* only valid in case statement */
+      case BANG:		/* ! time pipeline */
+      case TIME:		/* time time pipeline */
+*** ../bash-4.3/patchlevel.h	2012-12-29 10:47:57.000000000 -0500
+--- patchlevel.h	2014-03-20 20:01:28.000000000 -0400
+***************
+*** 26,30 ****
+     looks for to find the patch level (for the sccs version string). */
+  
+! #define PATCHLEVEL 37
+  
+  #endif /* _PATCHLEVEL_H_ */
+--- 26,30 ----
+     looks for to find the patch level (for the sccs version string). */
+  
+! #define PATCHLEVEL 38
+  
+  #endif /* _PATCHLEVEL_H_ */

bash43-039

@@ -0,0 +1,57 @@
+			     BASH PATCH REPORT
+			     =================
+
+Bash-Release:	4.3
+Patch-ID:	bash43-039
+
+Bug-Reported-by:	SN <poczta-sn@gazeta.pl>
+Bug-Reference-ID:	<54E2554C.205@gazeta.pl>
+Bug-Reference-URL:	http://lists.gnu.org/archive/html/bug-bash/2015-02/msg00060.html
+
+Bug-Description:
+
+Using the output of `declare -p' when run in a function can result in variables
+that are invisible to `declare -p'.  This problem occurs when an assignment
+builtin such as `declare' receives a quoted compound array assignment as one of
+its arguments.
+
+Patch (apply with `patch -p0'):
+
+*** /usr/src/local/bash/bash-4.3-patched/arrayfunc.c	2014-10-01 13:08:48.000000000 -0400
+--- arrayfunc.c	2015-02-19 14:33:05.000000000 -0500
+***************
+*** 405,408 ****
+--- 405,411 ----
+      else
+        array_insert (a, i, l->word->word);
++ 
++   VUNSETATTR (var, att_invisible);	/* no longer invisible */
++ 
+    return var;
+  }
+***************
+*** 635,638 ****
+--- 638,645 ----
+    if (nlist)
+      dispose_words (nlist);
++ 
++   if (var)
++     VUNSETATTR (var, att_invisible);	/* no longer invisible */
++ 
+    return (var);
+  }
+*** ../bash-4.3/patchlevel.h	2012-12-29 10:47:57.000000000 -0500
+--- patchlevel.h	2014-03-20 20:01:28.000000000 -0400
+***************
+*** 26,30 ****
+     looks for to find the patch level (for the sccs version string). */
+  
+! #define PATCHLEVEL 38
+  
+  #endif /* _PATCHLEVEL_H_ */
+--- 26,30 ----
+     looks for to find the patch level (for the sccs version string). */
+  
+! #define PATCHLEVEL 39
+  
+  #endif /* _PATCHLEVEL_H_ */