diff options
author | Patrick J Volkerding <volkerdi@slackware.com> | 2021-11-18 21:13:10 +0000 |
---|---|---|
committer | Eric Hameleers <alien@slackware.com> | 2021-11-19 08:59:57 +0100 |
commit | 061b63f432805072759263dfcb5fccddd52e5e4c (patch) | |
tree | 15b116cecc35365a8414b26aa975110c1ba37165 /source/a/bash | |
parent | c73f45c6d4f48f70b96e052a5185fb146d532e59 (diff) | |
download | current-061b63f432805072759263dfcb5fccddd52e5e4c.tar.gz current-061b63f432805072759263dfcb5fccddd52e5e4c.tar.xz |
Thu Nov 18 21:13:10 UTC 202120211118211310
a/bash-5.1.012-x86_64-1.txz: Upgraded.
a/cryptsetup-2.4.2-x86_64-1.txz: Upgraded.
a/kernel-generic-5.15.3-x86_64-1.txz: Upgraded.
a/kernel-huge-5.15.3-x86_64-1.txz: Upgraded.
a/kernel-modules-5.15.3-x86_64-1.txz: Upgraded.
d/ccache-4.5.1-x86_64-1.txz: Upgraded.
d/kernel-headers-5.15.3-x86-1.txz: Upgraded.
k/kernel-source-5.15.3-noarch-1.txz: Upgraded.
kde/latte-dock-0.10.4-x86_64-1.txz: Upgraded.
n/php-7.4.26-x86_64-1.txz: Upgraded.
This update fixes bugs and a security issue:
XML: special character is breaking the path in xml function.
For more information, see:
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-21707
(* Security fix *)
x/ibus-1.5.25-x86_64-5.txz: Rebuilt.
Fixed paths in:
[PATCH] client/gtk3/ibusimcontext: Fix wrong cursor location in gtk3 apps.
Thanks to Lockywolf.
xap/audacious-4.1-x86_64-3.txz: Rebuilt.
Removed the extra menu entry for the GTK+ version as this can just be
selected in the settings. Thanks to franzen.
isolinux/initrd.img: Rebuilt.
kernels/*: Upgraded.
usb-and-pxe-installers/usbboot.img: Rebuilt.
Diffstat (limited to 'source/a/bash')
-rw-r--r-- | source/a/bash/bash-5.1-patches/bash51-009 | 59 | ||||
-rw-r--r-- | source/a/bash/bash-5.1-patches/bash51-010 | 59 | ||||
-rw-r--r-- | source/a/bash/bash-5.1-patches/bash51-011 | 81 | ||||
-rw-r--r-- | source/a/bash/bash-5.1-patches/bash51-012 | 198 |
4 files changed, 397 insertions, 0 deletions
diff --git a/source/a/bash/bash-5.1-patches/bash51-009 b/source/a/bash/bash-5.1-patches/bash51-009 new file mode 100644 index 000000000..2796c3b9b --- /dev/null +++ b/source/a/bash/bash-5.1-patches/bash51-009 @@ -0,0 +1,59 @@ + BASH PATCH REPORT + ================= + +Bash-Release: 5.1 +Patch-ID: bash51-009 + +Bug-Reported-by: Julien Moutinho <julm+bash@sourcephile.fr> +Bug-Reference-ID: <20211004035906.5kiobuzkpeckmvwg@sourcephile.fr> +Bug-Reference-URL: https://lists.gnu.org/archive/html/bug-bash/2021-10/msg00022.html + +Bug-Description: + +The bash malloc implementation of malloc_usable_size() does not follow the +specification. This can cause library functions that use it to overwrite +memory bounds checking. + +Patch (apply with `patch -p0'): + +*** ../bash-5.1-patched/lib/malloc/malloc.c 2020-07-08 10:19:30.000000000 -0400 +--- lib/malloc/malloc.c 2021-10-05 16:10:55.000000000 -0400 +*************** +*** 1287,1297 **** + } + +! /* XXX - should we return 0 if ISFREE? */ +! maxbytes = binsize(p->mh_index); +! +! /* So the usable size is the maximum number of bytes in the bin less the +! malloc overhead */ +! maxbytes -= MOVERHEAD + MSLOP; +! return (maxbytes); + } + +--- 1358,1367 ---- + } + +! /* return 0 if ISFREE */ +! if (p->mh_alloc == ISFREE) +! return 0; +! +! /* Since we use bounds checking, the usable size is the last requested size. */ +! return (p->mh_nbytes); + } + +*** ../bash-5.1/patchlevel.h 2020-06-22 14:51:03.000000000 -0400 +--- patchlevel.h 2020-10-01 11:01:28.000000000 -0400 +*************** +*** 26,30 **** + looks for to find the patch level (for the sccs version string). */ + +! #define PATCHLEVEL 8 + + #endif /* _PATCHLEVEL_H_ */ +--- 26,30 ---- + looks for to find the patch level (for the sccs version string). */ + +! #define PATCHLEVEL 9 + + #endif /* _PATCHLEVEL_H_ */ diff --git a/source/a/bash/bash-5.1-patches/bash51-010 b/source/a/bash/bash-5.1-patches/bash51-010 new file mode 100644 index 000000000..cfe6fa46b --- /dev/null +++ b/source/a/bash/bash-5.1-patches/bash51-010 @@ -0,0 +1,59 @@ + BASH PATCH REPORT + ================= + +Bash-Release: 5.1 +Patch-ID: bash51-010 + +Bug-Reported-by: Jonas Alfredsson <jonas.alfredsson@protonmail.com> +Bug-Reference-ID: <LjAfZaEuZncr2RaqhSSfcaiXdkuK6kdEYxshP3LApXbgMVQzggMGyWHO9knVkXicW2fP-ibsipJ_GZ-YaJRm96Rsozf6PgFmPsljRCtflls=@protonmail.com> +Bug-Reference-URL: https://lists.gnu.org/archive/html/bug-bash/2021-05/msg00059.html + +Bug-Description: + +If `wait -n' is interrupted by a trapped signal other than SIGINT, it does +not completely clean up state, and that can prevent subsequent calls to +`wait -n' from working correctly. + +Patch (apply with `patch -p0'): + +*** ../bash-5.1-patched/builtins/wait.def 2020-12-16 17:13:12.000000000 -0500 +--- builtins/wait.def 2021-11-17 10:25:15.000000000 -0500 +*************** +*** 112,116 **** + WORD_LIST *list; + { +! int status, code, opt, nflag, wflags; + char *vname; + SHELL_VAR *pidvar; +--- 112,117 ---- + WORD_LIST *list; + { +! int status, code, opt, nflag; +! volatile int wflags; + char *vname; + SHELL_VAR *pidvar; +*************** +*** 181,184 **** +--- 188,193 ---- + status = 128 + wait_signal_received; + wait_sigint_cleanup (); ++ if (wflags & JWAIT_WAITING) ++ unset_waitlist (); + WAIT_RETURN (status); + } + +*** ../bash-5.1/patchlevel.h 2020-06-22 14:51:03.000000000 -0400 +--- patchlevel.h 2020-10-01 11:01:28.000000000 -0400 +*************** +*** 26,30 **** + looks for to find the patch level (for the sccs version string). */ + +! #define PATCHLEVEL 9 + + #endif /* _PATCHLEVEL_H_ */ +--- 26,30 ---- + looks for to find the patch level (for the sccs version string). */ + +! #define PATCHLEVEL 10 + + #endif /* _PATCHLEVEL_H_ */ diff --git a/source/a/bash/bash-5.1-patches/bash51-011 b/source/a/bash/bash-5.1-patches/bash51-011 new file mode 100644 index 000000000..655c7ec8b --- /dev/null +++ b/source/a/bash/bash-5.1-patches/bash51-011 @@ -0,0 +1,81 @@ + BASH PATCH REPORT + ================= + +Bash-Release: 5.1 +Patch-ID: bash51-011 + +Bug-Reported-by: Alex fxmbsw7 Ratchev <fxmbsw7@gmail.com> +Bug-Reference-ID: <CAALKErFrm+yuwy=ioK+RmjCiwxTDmzeMFWqLF2BEWYtkGS5UFQ@mail.gmail.com> +Bug-Reference-URL: https://lists.gnu.org/archive/html/bug-bash/2020-11/msg00064.html + +Bug-Description: + +When reading a compound assignment, and running it through the parser to +split it into words, we need to save and restore any alias we're currently +expanding. + +Patch (apply with `patch -p0'): + +*** ../bash-5.1-patched/parse.y 2020-11-28 12:10:06.000000000 -0500 +--- parse.y 2021-10-13 11:04:27.000000000 -0400 +*************** +*** 6494,6501 **** + + push_stream (1); +- #if 0 /* TAG: bash-5.2 Alex fxmbsw7 Ratchev <fxmbsw7@gmail.com> 11/17/2020 */ + if (ea = expanding_alias ()) + parser_save_alias (); +- #endif + last_read_token = WORD; /* WORD to allow reserved words here */ + current_command_line_count = 0; +--- 6494,6499 ---- +*************** +*** 6532,6539 **** + pop_stream (); + +- #if 0 /* TAG: bash-5.2 */ + if (ea) + parser_restore_alias (); +- #endif + + #if defined (HISTORY) +--- 6530,6535 ---- +*** ../bash-5.1-patched/y.tab.c 2020-11-28 12:17:19.000000000 -0500 +--- y.tab.c 2021-11-17 10:47:35.000000000 -0500 +*************** +*** 8788,8795 **** + + push_stream (1); +- #if 0 /* TAG: bash-5.2 Alex fxmbsw7 Ratchev <fxmbsw7@gmail.com> 11/17/2020 */ + if (ea = expanding_alias ()) + parser_save_alias (); +- #endif + last_read_token = WORD; /* WORD to allow reserved words here */ + current_command_line_count = 0; +--- 8777,8782 ---- +*************** +*** 8826,8833 **** + pop_stream (); + +- #if 0 /* TAG: bash-5.2 */ + if (ea) + parser_restore_alias (); +- #endif + + #if defined (HISTORY) +--- 8813,8818 ---- +*** ../bash-5.1/patchlevel.h 2020-06-22 14:51:03.000000000 -0400 +--- patchlevel.h 2020-10-01 11:01:28.000000000 -0400 +*************** +*** 26,30 **** + looks for to find the patch level (for the sccs version string). */ + +! #define PATCHLEVEL 10 + + #endif /* _PATCHLEVEL_H_ */ +--- 26,30 ---- + looks for to find the patch level (for the sccs version string). */ + +! #define PATCHLEVEL 11 + + #endif /* _PATCHLEVEL_H_ */ diff --git a/source/a/bash/bash-5.1-patches/bash51-012 b/source/a/bash/bash-5.1-patches/bash51-012 new file mode 100644 index 000000000..222491884 --- /dev/null +++ b/source/a/bash/bash-5.1-patches/bash51-012 @@ -0,0 +1,198 @@ + BASH PATCH REPORT + ================= + +Bash-Release: 5.1 +Patch-ID: bash51-012 + +Bug-Reported-by: Nikolay Borisov <nborisov@suse.com> +Bug-Reference-ID: <1a715205-06ce-413b-c1c0-2f5639ce06c0@suse.com> +Bug-Reference-URL: https://lists.gnu.org/archive/html/bug-bash/2020-11/msg00091.html + +Bug-Description: + +There is a possible race condition that arises when a child process receives +a signal trapped by the parent before it can reset the signal dispositions. +The child process is not supposed to trap the signal in this circumstance. + +Patch (apply with `patch -p0'): + +*** ../bash-20201118/command.h 2020-08-14 15:04:39.000000000 -0400 +--- command.h 2020-11-27 15:18:02.000000000 -0500 +*************** +*** 125,128 **** +--- 125,129 ---- + #define SUBSHELL_COPROC 0x40 /* subshell from a coproc pipeline */ + #define SUBSHELL_RESETTRAP 0x80 /* subshell needs to reset trap strings on first call to trap */ ++ #define SUBSHELL_IGNTRAP 0x100 /* subshell should reset trapped signals from trap_handler */ + + /* A structure which represents a word. */ + +*** ../bash-20201118/execute_cmd.c 2020-11-23 14:16:48.000000000 -0500 +--- execute_cmd.c 2020-11-27 16:43:25.000000000 -0500 +*************** +*** 1548,1551 **** +--- 1548,1554 ---- + reset_signal_handlers (); + subshell_environment |= SUBSHELL_RESETTRAP; ++ /* Note that signal handlers have been reset, so we should no longer ++ reset the handler and resend trapped signals to ourselves. */ ++ subshell_environment &= ~SUBSHELL_IGNTRAP; + + /* We are in a subshell, so forget that we are running a trap handler or +*************** +*** 4321,4325 **** + cmdflags |= CMD_NO_FORK; + +! subshell_environment = SUBSHELL_FORK; /* XXX */ + if (pipe_in != NO_PIPE || pipe_out != NO_PIPE) + subshell_environment |= SUBSHELL_PIPE; +--- 4324,4329 ---- + cmdflags |= CMD_NO_FORK; + +! /* We redo some of what make_child() does with SUBSHELL_IGNTRAP */ +! subshell_environment = SUBSHELL_FORK|SUBSHELL_IGNTRAP; /* XXX */ + if (pipe_in != NO_PIPE || pipe_out != NO_PIPE) + subshell_environment |= SUBSHELL_PIPE; +*************** +*** 4575,4578 **** +--- 4580,4584 ---- + reset_signal_handlers (); + subshell_environment |= SUBSHELL_RESETTRAP; ++ subshell_environment &= ~SUBSHELL_IGNTRAP; + + if (async) +*************** +*** 5515,5518 **** +--- 5521,5525 ---- + /* Cancel traps, in trap.c. */ + restore_original_signals (); ++ subshell_environment &= ~SUBSHELL_IGNTRAP; + + #if defined (JOB_CONTROL) + +*** ../bash-20201118/jobs.c 2020-08-04 10:17:39.000000000 -0400 +--- jobs.c 2020-11-27 16:39:56.000000000 -0500 +*************** +*** 2218,2221 **** +--- 2218,2223 ---- + pid_t mypid; + ++ subshell_environment |= SUBSHELL_IGNTRAP; ++ + /* If this ends up being changed to modify or use `command' in the + child process, go back and change callers who free `command' in +diff -rC 2 ../bash-20201118/nojobs.c nojobs.c +*** ../bash-20201118/nojobs.c 2020-07-08 10:11:25.000000000 -0400 +--- nojobs.c 2020-11-27 16:38:36.000000000 -0500 +*************** +*** 576,579 **** +--- 576,581 ---- + #endif + ++ subshell_environment |= SUBSHELL_IGNTRAP; ++ + default_tty_job_signals (); + } + +*** ../bash-20201118/sig.c 2020-11-23 13:22:17.000000000 -0500 +--- sig.c 2020-11-28 10:21:43.000000000 -0500 +*************** +*** 56,60 **** + #endif + +! extern void initialize_siglist (); + + #if !defined (JOB_CONTROL) +--- 56,61 ---- + #endif + +! extern void initialize_siglist PARAMS((void)); +! extern void set_original_signal PARAMS((int, SigHandler *)); + + #if !defined (JOB_CONTROL) +*************** +*** 256,259 **** +--- 257,267 ---- + XHANDLER(i) = oact.sa_handler; + XSAFLAGS(i) = oact.sa_flags; ++ ++ #if 0 ++ set_original_signal (XSIG(i), XHANDLER(i)); /* optimization */ ++ #else ++ set_original_signal (XSIG(i), act.sa_handler); /* optimization */ ++ #endif ++ + /* Don't do anything with signals that are ignored at shell entry + if the shell is not interactive. */ + +*** ../bash-20201118/subst.c 2020-11-16 10:33:15.000000000 -0500 +--- subst.c 2020-11-27 16:07:00.000000000 -0500 +*************** +*** 5952,5955 **** +--- 5952,5956 ---- + /* Cancel traps, in trap.c. */ + restore_original_signals (); /* XXX - what about special builtins? bash-4.2 */ ++ subshell_environment &= ~SUBSHELL_IGNTRAP; + QUIT; /* catch any interrupts we got post-fork */ + setup_async_signals (); +*************** +*** 6383,6386 **** +--- 6384,6388 ---- + QUIT; /* catch any interrupts we got post-fork */ + subshell_environment |= SUBSHELL_RESETTRAP; ++ subshell_environment &= ~SUBSHELL_IGNTRAP; + } + + +diff -rC 2 ../bash-20201118/trap.c trap.c +*** ../bash-20201118/trap.c 2020-11-28 12:04:07.000000000 -0500 +--- trap.c 2020-11-28 10:22:10.000000000 -0500 +*************** +*** 482,485 **** +--- 482,511 ---- + } + ++ /* This means we're in a subshell, but have not yet reset the handler for ++ trapped signals. We're not supposed to execute the trap in this situation; ++ we should restore the original signal and resend the signal to ourselves ++ to preserve the Posix "signal traps that are not being ignored shall be ++ set to the default action" semantics. */ ++ if ((subshell_environment & SUBSHELL_IGNTRAP) && trap_list[sig] != (char *)IGNORE_SIG) ++ { ++ sigset_t mask; ++ ++ /* Paranoia */ ++ if (original_signals[sig] == IMPOSSIBLE_TRAP_HANDLER) ++ original_signals[sig] = SIG_DFL; ++ ++ restore_signal (sig); ++ ++ /* Make sure we let the signal we just caught through */ ++ sigemptyset (&mask); ++ sigprocmask (SIG_SETMASK, (sigset_t *)NULL, &mask); ++ sigdelset (&mask, sig); ++ sigprocmask (SIG_SETMASK, &mask, (sigset_t *)NULL); ++ ++ kill (getpid (), sig); ++ ++ SIGRETURN (0); ++ } ++ + if ((sig >= NSIG) || + (trap_list[sig] == (char *)DEFAULT_SIG) || + +*** ../bash-5.1/patchlevel.h 2020-06-22 14:51:03.000000000 -0400 +--- patchlevel.h 2020-10-01 11:01:28.000000000 -0400 +*************** +*** 26,30 **** + looks for to find the patch level (for the sccs version string). */ + +! #define PATCHLEVEL 11 + + #endif /* _PATCHLEVEL_H_ */ +--- 26,30 ---- + looks for to find the patch level (for the sccs version string). */ + +! #define PATCHLEVEL 12 + + #endif /* _PATCHLEVEL_H_ */ |