Hello community,
here is the log from the commit of package bash for openSUSE:Factory
checked in at Tue Dec 8 12:47:29 CET 2009.
--------
--- bash/bash.changes 2009-09-30 13:47:26.000000000 +0200
+++ /mounts/work_src_done/STABLE/bash/bash.changes 2009-12-04 10:41:03.000000000 +0100
@@ -1,0 +2,16 @@
+Fri Dec 4 10:40:02 CET 2009 - werner@suse.de
+
+- Fix bug in bash-4.0-security.patch (bnc#559877)
+
+-------------------------------------------------------------------
+Thu Oct 29 15:23:20 CET 2009 - werner@suse.de
+
+- Update to newest patch level 35
+ * bash incorrectly interprets wildcarded path components between
+ a **/ and the last /
+ * bash incorrectly treated single and double quotes as
+ delimiters rather than introducing quoted strings when
+ splitting the line into words for programmable completion
+ functions
+
+-------------------------------------------------------------------
calling whatdependson for head-i586
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Other differences:
------------------
++++++ bash.spec ++++++
--- /var/tmp/diff_new_pack.iGyYzB/_old 2009-12-08 12:47:15.000000000 +0100
+++ /var/tmp/diff_new_pack.iGyYzB/_new 2009-12-08 12:47:15.000000000 +0100
@@ -19,7 +19,7 @@
Name: bash
BuildRequires: bison fdupes ncurses-devel
-License: GPL v2 or later
+License: GPLv2+
Group: System/Shells
%define bash_vers 4.0
%define rl_vers 6.0
@@ -28,7 +28,7 @@
Suggests: command-not-found
AutoReqProv: on
Version: 4.0
-Release: 17
+Release: 18
Summary: The GNU Bourne-Again Shell
Url: http://www.gnu.org/software/bash/bash.html
Source0: ftp://ftp.gnu.org/gnu/bash/bash-%{bash_vers}.tar.bz2
@@ -85,13 +85,13 @@
Chet Ramey
%package -n bash-doc
-License: GPL v2 or later
+License: GPLv2+
Summary: Documentation how to Use the GNU Bourne-Again Shell
Group: Documentation/Man
Provides: bash:%{_infodir}/bash.info.gz
PreReq: %install_info_prereq
Version: 4.0
-Release: 17
+Release: 18
AutoReqProv: on
%description -n bash-doc
@@ -107,11 +107,11 @@
%lang_package(bash)
%package -n bash-devel
-License: GPL v2 or later
+License: GPLv2+
Summary: Include Files mandatory for Development of bash loadable builtins
Group: Development/Languages/C and C++
Version: 4.0
-Release: 6
+Release: 7
AutoReqProv: on
%description -n bash-devel
@@ -127,11 +127,11 @@
Chet Ramey
%package -n bash-loadables
-License: GPL v2 or later
+License: GPLv2+
Summary: Loadable bash builtins
Group: System/Shells
Version: 4.0
-Release: 6
+Release: 7
AutoReqProv: on
%description -n bash-loadables
@@ -195,12 +195,12 @@
Chet Ramey
%package -n libreadline6
-License: GPL v2 or later
+License: GPLv2+
Summary: The Readline Library
Group: System/Libraries
Provides: bash:/%{_lib}/libreadline.so.%{rl_major}
Version: 6.0
-Release: 17
+Release: 18
Recommends: readline-doc = %{version}
# bug437293
%ifarch ppc64
@@ -224,12 +224,12 @@
Chet Ramey
%package -n readline-devel
-License: GPL v2 or later
+License: GPLv2+
Summary: Include Files and Libraries mandatory for Development
Group: Development/Libraries/C and C++
Provides: bash:%{_libdir}/libreadline.a
Version: 6.0
-Release: 17
+Release: 18
Requires: libreadline6 = %{version}
Requires: ncurses-devel
Recommends: readline-doc = %{version}
@@ -252,13 +252,13 @@
Chet Ramey
%package -n readline-doc
-License: GPL v2 or later
+License: GPLv2+
Summary: Documentation how to Use and Program with the Readline Library
Group: System/Libraries
Provides: readline:%{_infodir}/readline.info.gz
PreReq: %install_info_prereq
Version: 6.0
-Release: 17
+Release: 18
AutoReqProv: on
%description -n readline-doc
++++++ bash-4.0-patches.tar.bz2 ++++++
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/bash-4.0-patches/bash40-034 new/bash-4.0-patches/bash40-034
--- old/bash-4.0-patches/bash40-034 1970-01-01 01:00:00.000000000 +0100
+++ new/bash-4.0-patches/bash40-034 2009-10-24 18:10:34.000000000 +0200
@@ -0,0 +1,59 @@
+ BASH PATCH REPORT
+ =================
+
+Bash-Release: 4.0
+Patch-ID: bash40-034
+
+Bug-Reported-by: Anders Kaseorg
+Bug-Reference-ID: <1252856832.991059.8162.nullmailer@balanced-tree.mit.edu>
+Bug-Reference-URL: http://lists.gnu.org/archive/html/bug-bash/2009-09/msg00043.html
+
+Bug-Description:
+
+When using the globstar option, bash incorrectly interprets wildcarded path
+components between a **/ and the last / as matching any path, even if the
+constructed path does not match any files.
+
+Patch:
+
+*** ../bash-4.0-patched/lib/glob/glob.c 2009-07-22 23:18:50.000000000 -0400
+--- lib/glob/glob.c 2009-09-18 17:53:25.000000000 -0400
+***************
+*** 920,928 ****
+ char **temp_results;
+
+ /* Scan directory even on a NULL filename. That way, `*h/'
+ returns only directories ending in `h', instead of all
+ files ending in `h' with a `/' appended. */
+ dname = directories[i];
+! dflags = flags & ~GX_MARKDIRS;
+ if ((flags & GX_GLOBSTAR) && filename[0] == '*' && filename[1] == '*' && filename[2] == '\0')
+ dflags |= GX_ALLDIRS|GX_ADDCURDIR;
+--- 927,938 ----
+ char **temp_results;
+
++ /* XXX -- we've recursively scanned any directories resulting from
++ a `**', so turn off the flag. We turn it on again below if
++ filename is `**' */
+ /* Scan directory even on a NULL filename. That way, `*h/'
+ returns only directories ending in `h', instead of all
+ files ending in `h' with a `/' appended. */
+ dname = directories[i];
+! dflags = flags & ~(GX_MARKDIRS|GX_ALLDIRS|GX_ADDCURDIR);
+ if ((flags & GX_GLOBSTAR) && filename[0] == '*' && filename[1] == '*' && filename[2] == '\0')
+ dflags |= GX_ALLDIRS|GX_ADDCURDIR;
+*** ../bash-4.0/patchlevel.h 2009-01-04 14:32:40.000000000 -0500
+--- patchlevel.h 2009-02-22 16:11:31.000000000 -0500
+***************
+*** 26,30 ****
+ looks for to find the patch level (for the sccs version string). */
+
+! #define PATCHLEVEL 33
+
+ #endif /* _PATCHLEVEL_H_ */
+--- 26,30 ----
+ looks for to find the patch level (for the sccs version string). */
+
+! #define PATCHLEVEL 34
+
+ #endif /* _PATCHLEVEL_H_ */
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/bash-4.0-patches/bash40-035 new/bash-4.0-patches/bash40-035
--- old/bash-4.0-patches/bash40-035 1970-01-01 01:00:00.000000000 +0100
+++ new/bash-4.0-patches/bash40-035 2009-10-24 18:10:45.000000000 +0200
@@ -0,0 +1,62 @@
+ BASH PATCH REPORT
+ =================
+
+Bash-Release: 4.0
+Patch-ID: bash40-035
+
+Bug-Reported-by: Freddy Vulto
+Bug-Reference-ID:
+Bug-Reference-URL: http://lists.gnu.org/archive/html/bug-bash/2009-09/msg00044.html
+
+Bug-Description:
+
+Bash-4.0 incorrectly treated single and double quotes as delimiters rather
+than introducing quoted strings when splitting the line into words for
+programmable completion functions.
+
+Patch:
+
+*** ../bash-4.0-patched/pcomplete.c 2009-03-08 21:24:31.000000000 -0400
+--- pcomplete.c 2009-09-26 16:30:16.000000000 -0400
+***************
+*** 1176,1186 ****
+ WORD_LIST *ret;
+ char *delims;
+
+! #if 0
+! delims = "()<>;&| \t\n"; /* shell metacharacters break words */
+! #else
+! delims = rl_completer_word_break_characters;
+! #endif
+ ret = split_at_delims (line, llen, delims, sentinel, nwp, cwp);
+ return (ret);
+ }
+--- 1176,1188 ----
+ WORD_LIST *ret;
+ char *delims;
++ int i, j;
+
+! delims = xmalloc (strlen (rl_completer_word_break_characters) + 1);
+! for (i = j = 0; rl_completer_word_break_characters[i]; i++)
+! if (rl_completer_word_break_characters[i] != '\'' && rl_completer_word_break_characters[i] != '"')
+! delims[j++] = rl_completer_word_break_characters[i];
+! delims[j] = '\0';
+ ret = split_at_delims (line, llen, delims, sentinel, nwp, cwp);
++ free (delims);
+ return (ret);
+ }
+*** ../bash-4.0/patchlevel.h 2009-01-04 14:32:40.000000000 -0500
+--- patchlevel.h 2009-02-22 16:11:31.000000000 -0500
+***************
+*** 26,30 ****
+ looks for to find the patch level (for the sccs version string). */
+
+! #define PATCHLEVEL 34
+
+ #endif /* _PATCHLEVEL_H_ */
+--- 26,30 ----
+ looks for to find the patch level (for the sccs version string). */
+
+! #define PATCHLEVEL 35
+
+ #endif /* _PATCHLEVEL_H_ */
++++++ bash-4.0-security.patch ++++++
--- /var/tmp/diff_new_pack.iGyYzB/_old 2009-12-08 12:47:15.000000000 +0100
+++ /var/tmp/diff_new_pack.iGyYzB/_new 2009-12-08 12:47:15.000000000 +0100
@@ -1,85 +1,43 @@
-Index: variables.c
-===================================================================
---- variables.c.orig
-+++ variables.c
-@@ -1203,6 +1203,7 @@ init_seconds_var ()
- return v;
- }
-
-+#if !defined(linux)
- /* The random number seed. You can change this by setting RANDOM. */
- static unsigned long rseed = 1;
+--- variables.c
++++ variables.c 2009-12-04 09:31:06.579929599 +0000
+@@ -1216,6 +1216,7 @@ static unsigned long rseed = 1;
static int last_random_value;
-@@ -1256,6 +1257,24 @@ seedrand ()
+ static int seeded_subshell = 0;
+
++#if !defined(linux)
+ /* A linear congruential random number generator based on the example
+ one in the ANSI C standard. This one isn't very good, but a more
+ complicated one is overkill. */
+@@ -1264,6 +1265,32 @@ seedrand ()
sbrand (tv.tv_sec ^ tv.tv_usec ^ getpid ());
}
+#else
-+
-+static int last_sbrand_pid;
-+
-+static int brand ()
++/* Use ISO C Random Number Functions of the glibc */
++static int
++brand (void)
+{
-+ return random() & 32767;
++ if (rseed == 0)
++ seedrand ();
++ return rand() & 32767;
+}
+
-+static void sbrand (unsigned long seed)
++static void
++sbrand (unsigned long seed)
+{
-+ srandom(seed);
++ rseed = seed;
++ srand(seed);
+}
+
+static void
-+seedrand () {}
++seedrand (void)
++{
++ struct timeval tv;
++ gettimeofday (&tv, NULL);
++ srand (tv.tv_sec ^ tv.tv_usec ^ getpid ());
++}
+#endif
+
static SHELL_VAR *
assign_random (self, value, unused, key)
SHELL_VAR *self;
-@@ -1264,8 +1283,10 @@ assign_random (self, value, unused, key)
- char *key;
- {
- sbrand (strtoul (value, (char **)NULL, 10));
-+#if !defined(linux)
- if (subshell_environment)
- seeded_subshell = getpid ();
-+#endif
- return (self);
- }
-
-@@ -1274,6 +1295,7 @@ get_random_number ()
- {
- int rv, pid;
-
-+#if !defined(linux)
- /* Reset for command and process substitution. */
- pid = getpid ();
- if (subshell_environment && seeded_subshell != pid)
-@@ -1285,6 +1307,18 @@ get_random_number ()
- do
- rv = brand ();
- while (rv == last_random_value);
-+#else
-+ if (subshell_environment)
-+ {
-+ int mypid = getpid();
-+ if (mypid != last_sbrand_pid)
-+ {
-+ last_sbrand_pid = mypid;
-+ sbrand (mypid + NOW);
-+ }
-+ }
-+ rv = brand();
-+#endif
- return rv;
- }
-
-@@ -1296,7 +1330,9 @@ get_random (var)
- char *p;
-
- rv = get_random_number ();
-+#if !defined(linux)
- last_random_value = rv;
-+#endif
- p = itos (rv);
-
- FREE (value_cell (var));
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Remember to have fun...
--
To unsubscribe, e-mail: opensuse-commit+unsubscribe@opensuse.org
For additional commands, e-mail: opensuse-commit+help@opensuse.org