Package: bash / 4.3-11+deb8u1
Metadata
Package | Version | Patches format |
---|---|---|
bash | 4.3-11+deb8u1 | 3.0 (quilt) |
Patch series
view the series filePatch | File delta | Description |
---|---|---|
bash43 001.diff | (download) |
patchlevel.h |
2 1 + 1 - 0 ! |
A missing check for a valid option prevented `test -R' from working. There is another problem that causes bash to look up the wrong variable name when processing the argument to `test -R'. Patch (apply with `patch -p0'): |
bash43 002.diff | (download) |
patchlevel.h |
2 1 + 1 - 0 ! |
A change to save state while running the DEBUG trap caused pipelines to hang on systems which need process group synchronization while building pipelines. Patch (apply with `patch -p0'): |
bash43 003.diff | (download) |
lib/readline/readline.c |
3 2 + 1 - 0 ! |
When in callback mode, some readline commands can cause readline to seg fault by passing invalid contexts to callback functions. Patch (apply with `patch -p0'): |
bash43 004.diff | (download) |
lib/readline/readline.c |
2 1 + 1 - 0 ! |
The `.' command in vi mode cannot undo multi-key commands beginning with `c', `d', and `y' (command plus motion specifier). Patch (apply with `patch -p0'): |
bash43 005.diff | (download) |
parse.y |
2 1 + 1 - 0 ! |
When in Posix mode, bash did not correctly interpret the ANSI-C-style $'...' quoting mechanism when performing pattern substitution word expansions within double quotes. Patch (apply with `patch -p0'): |
bash43 006.diff | (download) |
jobs.c |
2 1 + 1 - 0 ! |
A shell that started with job control active but was not interactive left the terminal in the wrong process group when exiting, causing its parent shell to get a stop signal when it attempted to read from the terminal. Patch (apply with `patch -p0'): |
bash43 007.diff | (download) |
arrayfunc.c |
5 5 + 0 - 0 ! |
Using compound assignments for associative arrays like assoc=( [x]= [y]=bar ) left the value corresponding to the key `x' NULL. This caused subsequent lookups to interpret it as unset. Patch (apply with `patch -p0'): |
bash43 008.diff | (download) |
lib/glob/glob.c |
59 34 + 25 - 0 ! |
Some extended glob patterns incorrectly matched filenames with a leading dot, regardless of the setting of the `dotglob' option. Patch (apply with `patch -p0'): |
bash43 009.diff | (download) |
parse.y |
2 1 + 1 - 0 ! |
There is a problem with unsigned sign extension when attempting to reallocate the input line when it is fewer than 3 characters long and there has been a history expansion. The sign extension causes the shell to not reallocate the line, which results in a segmentation fault when it writes past the end. |
bash43 010.diff | (download) |
externs.h |
1 1 + 0 - 0 ! |
Patch (apply with `patch -p0'): This patch changes the behavior of programmable completion to compensate for two assumptions made by the bash-completion package. Bash-4.3 changed to dequote the argument to programmable completion only under certain circumstances, to make the behavior of compgen more consistent when run from the command line -- closer to the behavior when run by a shell function run as part of programmable completion. Bash-completion can pass quoted arguments to compgen when the original word to be completed was not quoted, expecting programmable completion to dequote the word before attempting completion. This patch fixes two cases: 1. An empty string that bash-completion passes to compgen as a quoted null string (''). 2. An unquoted word that bash-completion quotes using single quotes or backslashes before passing it to compgen. In these cases, since readline did not detect a quote character in the original word to be completed, bash-4.3 |
bash43 011.diff | (download) |
lib/readline/display.c |
3 2 + 1 - 0 ! |
The signal handling changes to bash and readline (to avoid running any code in a signal handler context) cause the cursor to be placed on the wrong line of a multi-line command after a ^C interrupts editing. |
bash43 012.diff | (download) |
jobs.c |
1 1 + 0 - 0 ! |
When a SIGCHLD trap runs a command containing a shell builtin while a script is running `wait' to wait for all running children to complete, the SIGCHLD trap will not be run once for each child that terminates. Patch (apply with `patch -p0'): |
bash43 013.diff | (download) |
lib/readline/display.c |
9 7 + 2 - 0 ! |
Using reverse-i-search when horizontal scrolling is enabled does not redisplay the entire line containing the successful search results. Patch (apply with `patch -p0'): |
bash43 014.diff | (download) |
patchlevel.h |
2 1 + 1 - 0 ! |
Under certain circumstances, $@ is expanded incorrectly in contexts where word splitting is not performed. Patch (apply with `patch -p0'): |
bash43 015.diff | (download) |
bashline.c |
11 9 + 2 - 0 ! |
When completing directory names, the directory name is dequoted twice. This causes problems for directories with single and double quotes in their names. Patch (apply with `patch -p0'): |
bash43 016.diff | (download) |
lib/glob/glob.c |
19 18 + 1 - 0 ! |
An extended glob pattern containing a slash (`/') causes the globbing code to misinterpret it as a directory separator. Patch (apply with `patch -p0'): |
bash43 017.diff | (download) |
patchlevel.h |
2 1 + 1 - 0 ! |
The code that creates local variables should not clear the `invisible' attribute when returning an existing local variable. Let the code that actually assigns a value clear it. Patch (apply with `patch -p0'): |
bash43 018.diff | (download) |
arrayfunc.c |
1 1 + 0 - 0 ! |
When assigning an array variable using the compound assignment syntax, but using `declare' with the rhs of the compound assignment quoted, the shell did not mark the variable as visible after successfully performing the assignment. Patch (apply with `patch -p0'): |
bash43 019.diff | (download) |
builtins/read.def |
7 6 + 1 - 0 ! |
The -t timeout option to `read' does not work when the -e option is used. Patch (apply with `patch -p0'): |
bash43 020.diff | (download) |
parse.y |
4 3 + 1 - 0 ! |
When PS2 contains a command substitution, here-documents entered in an interactive shell can sometimes cause a segmentation fault. Patch (apply with `patch -p0'): |
bash43 021.diff | (download) |
lib/readline/misc.c |
2 1 + 1 - 0 ! |
When the readline `revert-all-at-newline' option is set, pressing newline when the current line is one retrieved from history results in a double free and a segmentation fault. Patch (apply with `patch -p0'): |
bash43 022.diff | (download) |
execute_cmd.c |
11 10 + 1 - 0 ! |
Using nested pipelines within loops with the `lastpipe' option set can result in a segmentation fault. Patch (apply with `patch -p0'): |
bash43 023.diff | (download) |
patchlevel.h |
2 1 + 1 - 0 ! |
Bash does not correctly parse process substitution constructs that contain unbalanced parentheses as part of the contained command. Patch (apply with `patch -p0'): |
bash43 024.diff | (download) |
patchlevel.h |
2 1 + 1 - 0 ! |
Indirect variable references do not work correctly if the reference variable expands to an array reference using a subscript other than 0 (e.g., foo='bar[1]' ; echo ${!foo}). Patch (apply with `patch -p0'): |
bash43 025.diff | (download) |
builtins/common.h |
2 2 + 0 - 0 ! |
Under certain circumstances, bash will execute user code while processing the environment for exported function definitions. |
bash43 026.diff | (download) |
parse.y |
2 2 + 0 - 0 ! |
Under certain circumstances, bash can incorrectly save a lookahead character and return it on a subsequent call, even when reading a new line. |
bash43 027.diff | (download) |
patchlevel.h |
2 1 + 1 - 0 ! |
This patch changes the encoding bash uses for exported functions to avoid clashes with shell variables and to avoid depending only on an environment variable's contents to determine whether or not to interpret it as a shell function. |
bash43 028.diff | (download) |
parse.y |
36 28 + 8 - 0 ! |
There are two local buffer overflows in parse.y that can cause the shell to dump core when given many here-documents attached to a single command or many nested loops. |
bash43 029.diff | (download) |
copy_cmd.c |
2 1 + 1 - 0 ! |
When bash is parsing a function definition that contains a here-document delimited by end-of-file (or end-of-string), it leaves the closing delimiter uninitialized. This can result in an invalid memory access when the parsed function is later copied. |
bash43 030.diff | (download) |
builtins/evalstring.c |
28 22 + 6 - 0 ! |
A combination of nested command substitutions and function importing from the environment can cause bash to execute code appearing in the environment variable value following the function definition. |
bashbug editor.diff | (download) |
support/bashbug.sh |
1 1 + 0 - 0 ! |
--- |
deb bash config.diff | (download) |
config-bot.h |
2 1 + 1 - 0 ! |
--- |
deb examples.diff | (download) |
examples/loadables/README |
3 3 + 0 - 0 ! |
--- |
man arithmetic.diff | (download) |
doc/bash.1 |
3 3 + 0 - 0 ! |
--- |
man fignore.diff | (download) |
doc/bash.1 |
4 3 + 1 - 0 ! |
--- |
man bashrc.diff | (download) |
doc/bash.1 |
20 15 + 5 - 0 ! |
--- |
man bashlogout.diff | (download) |
doc/bash.1 |
3 3 + 0 - 0 ! |
--- |
man nocaseglob.diff | (download) |
doc/bash.1 |
4 4 + 0 - 0 ! |
--- |
man test.diff | (download) |
builtins/test.def |
3 3 + 0 - 0 ! |
--- |
man test2.diff | (download) |
builtins/test.def |
3 3 + 0 - 0 ! |
--- |
privmode.diff | (download) |
shell.c |
2 1 + 1 - 0 ! |
--- |
rbash manpage.diff | (download) |
doc/rbash.1 |
2 1 + 1 - 0 ! |
--- |
bash default editor.diff | (download) |
bashline.c |
4 2 + 2 - 0 ! |
--- |
bash subst param length.diff | (download) |
subst.c |
2 1 + 1 - 0 ! |
--- |
pgrp pipe.diff | (download) |
config-bot.h |
3 3 + 0 - 0 ! |
--- |
input err.diff | (download) |
input.c |
2 1 + 1 - 0 ! |
--- |
exec redirections doc.diff | (download) |
doc/bash.1 |
4 4 + 0 - 0 ! |
--- |
bash aliases repeat.diff | (download) |
examples/startup-files/Bash_aliases |
6 3 + 3 - 0 ! |
--- |
use system texi2html.diff | (download) |
doc/Makefile.in |
4 2 + 2 - 0 ! |
--- |
bzero.diff | (download) |
lib/sh/oslib.c |
4 2 + 2 - 0 ! |
--- |
CVE 2016 0634.diff | (download) |
parse.y |
20 16 + 4 - 0 ! |
Bash performs word expansions on the prompt strings after the special escape sequences are expanded. If a malicious user can modify the system hostname or change the name of the bash executable and coerce a user into executing it, and the new name contains word expansions (including command substitution), bash will expand them in prompt strings containing the \h or \H and \s escape sequences, respectively. Patch (apply with `patch -p0'): |
CVE 2016 7543.diff | (download) |
variables.c |
6 5 + 1 - 0 ! |
If a malicious user can inject a value of $SHELLOPTS containing `xtrace' and a value for $PS4 that includes a command substitution into a shell running as root, bash will expand the command substitution as part of expanding $PS4 when it executes a traced command. Patch (apply with `patch -p0'): |