Script 'mail_helper' called by obssrc Hello community, here is the log from the commit of package bash for openSUSE:Factory checked in at 2026-06-22 17:24:53 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Comparing /work/SRC/openSUSE:Factory/bash (Old) and /work/SRC/openSUSE:Factory/.bash.new.1956 (New) ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "bash" Mon Jun 22 17:24:53 2026 rev:206 rq:1360230 version:5.3.MACRO Changes: -------- --- /work/SRC/openSUSE:Factory/bash/bash.changes 2026-02-12 17:24:51.556907390 +0100 +++ /work/SRC/openSUSE:Factory/.bash.new.1956/bash.changes 2026-06-22 17:24:55.976328098 +0200 @@ -1,0 +2,31 @@ +Thu Jun 11 09:07:11 UTC 2026 - Dr. Werner Fink <[email protected]> + +- Add upstream patches + * Bash-5.3 Official patch 10 -- bash53-010 + Under some circumstances, a subshell or asynchronous job with an active + EXIT trap that contains a call to `wait' can loop trying to wait for + processes that are not its children. It usually inherits these jobs from + its parent in the jobs list. + * Bash-5.3 Official patch 11 -- bash53-011 + If a `mapfile' callback unsets the array variable `mapfile' is using to save + the lines it reads, `mapfile' can try to reference freed memory, which can + cause corruption or shell crashes. + * Bash-5.3 Official patch 12 -- bash53-012 + If a subshell with an inherited EXIT trap receives a fatal signal before + it clears the exit trap, and before it restores its original signal + handlers, it's possible for it to inappropriately run the inherited EXIT + trap. + * Bash-5.3 Official patch 13 -- bash53-013 + Comparing the value of a pointer returned from realloc/xrealloc to the + original pointer passed is technically undefined behavior, which matters + under some circumstances. + * Bash-5.3 Official patch 14 -- bash53-014 + Bash-5.3 patch 11 included an inadvertent extra line, which this patch + removes. This also takes the opportunity to improve that patch, by looking + up the variable each time through the line-reading loop only if there is + a callback and it is invoked. + * Bash-5.3 Official patch 15 -- bash53-015 + There are circumstances under which index -1 is used to reference into + the input buffer used by the `read' builtin. + +------------------------------------------------------------------- @@ -10 +41 @@ - * Bash-5.3 Official patch 8 -- bash53-009 + * Bash-5.3 Official patch 9 -- bash53-009 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ bash-5.3-patches.tar.bz2 ++++++ diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/bash-5.3-patches/bash53-010 new/bash-5.3-patches/bash53-010 --- old/bash-5.3-patches/bash53-010 1970-01-01 01:00:00.000000000 +0100 +++ new/bash-5.3-patches/bash53-010 2026-06-02 22:14:42.000000000 +0200 @@ -0,0 +1,49 @@ + BASH PATCH REPORT + ================= + +Bash-Release: 5.3 +Patch-ID: bash53-010 + +Bug-Reported-by: Aleksey Covacevice <[email protected]> +Bug-Reference-ID: +Bug-Reference-URL: https://lists.gnu.org/archive/html/bug-bash/2026-01/msg00003.html + +Bug-Description: + +Patch (apply with `patch -p0'): + +Under some circumstances, a subshell or asynchronous job with an active +EXIT trap that contains a call to `wait' can loop trying to wait for +processes that are not its children. It usually inherits these jobs from +its parent in the jobs list. + +*** ../bash-5.3-patched/jobs.c Fri Jul 25 08:53:22 2025 +--- jobs.c Fri Jan 9 10:21:03 2026 +*************** +*** 2840,2844 **** + ps->status = (r < 0 || r > 256) ? 127 : r; + } +! if (r == -1 && errno == ECHILD) + { + /* If we're mistaken about job state, compensate. */ +--- 2842,2846 ---- + ps->status = (r < 0 || r > 256) ? 127 : r; + } +! if ((r < 0 || r > 256) && errno == ECHILD) + { + /* If we're mistaken about job state, compensate. */ +*** ../bash-5.3/patchlevel.h 2020-06-22 14:51:03.000000000 -0400 +--- patchlevel.h 2020-10-01 11:01:28.000000000 -0400 +*************** +*** 26,30 **** + looks for to find the patch level (for the sccs version string). */ + +! #define PATCHLEVEL 9 + + #endif /* _PATCHLEVEL_H_ */ +--- 26,30 ---- + looks for to find the patch level (for the sccs version string). */ + +! #define PATCHLEVEL 10 + + #endif /* _PATCHLEVEL_H_ */ Binary files old/bash-5.3-patches/bash53-010.sig and new/bash-5.3-patches/bash53-010.sig differ diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/bash-5.3-patches/bash53-011 new/bash-5.3-patches/bash53-011 --- old/bash-5.3-patches/bash53-011 1970-01-01 01:00:00.000000000 +0100 +++ new/bash-5.3-patches/bash53-011 2026-06-02 22:14:59.000000000 +0200 @@ -0,0 +1,70 @@ + BASH PATCH REPORT + ================= + +Bash-Release: 5.3 +Patch-ID: bash53-011 + +Bug-Reported-by: Philippe Grégoire <[email protected]> +Bug-Reference-ID: +Bug-Reference-URL: + +Bug-Description: + +If a `mapfile' callback unsets the array variable `mapfile' is using to save +the lines it reads, `mapfile' can try to reference freed memory, which can +cause corruption or shell crashes. + +Patch (apply with `patch -p0'): + +*** ../bash-5.3-patched/builtins/mapfile.def Mon May 6 11:58:48 2024 +--- builtins/mapfile.def Mon May 25 16:23:50 2026 +*************** +*** 154,160 **** + unbuffered_read = 0; + +! /* The following check should be done before reading any lines. Doing it +! here allows us to call bind_array_element instead of bind_array_variable +! and skip the variable lookup on every call. */ + entry = builtin_find_indexed_array (array_name, flags & MAPF_CLEARARRAY); + if (entry == 0) +--- 154,158 ---- + unbuffered_read = 0; + +! /* The following check should be done before reading any lines. */ + entry = builtin_find_indexed_array (array_name, flags & MAPF_CLEARARRAY); + if (entry == 0) +*************** +*** 202,207 **** + } + +! /* XXX - bad things can happen if the callback modifies ENTRY, e.g., +! unsetting it or changing it to a non-indexed-array type. */ + bind_array_element (entry, array_index, line, 0); + +--- 200,210 ---- + } + +! /* Bad things can happen if the callback modifies ENTRY, e.g., +! unsetting it or changing it to a non-indexed-array type, so we +! look it up again every time we need to assign something */ +! entry = bind_array_variable (array_name, array_index, line, 0); +! if (entry == 0 || ASSIGN_DISALLOWED (entry, 0)) +! return EXECUTION_FAILURE; +! + bind_array_element (entry, array_index, line, 0); + +*** ../bash-5.3/patchlevel.h 2020-06-22 14:51:03.000000000 -0400 +--- patchlevel.h 2020-10-01 11:01:28.000000000 -0400 +*************** +*** 26,30 **** + looks for to find the patch level (for the sccs version string). */ + +! #define PATCHLEVEL 10 + + #endif /* _PATCHLEVEL_H_ */ +--- 26,30 ---- + looks for to find the patch level (for the sccs version string). */ + +! #define PATCHLEVEL 11 + + #endif /* _PATCHLEVEL_H_ */ Binary files old/bash-5.3-patches/bash53-011.sig and new/bash-5.3-patches/bash53-011.sig differ diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/bash-5.3-patches/bash53-012 new/bash-5.3-patches/bash53-012 --- old/bash-5.3-patches/bash53-012 1970-01-01 01:00:00.000000000 +0100 +++ new/bash-5.3-patches/bash53-012 2026-06-02 22:15:08.000000000 +0200 @@ -0,0 +1,80 @@ + BASH PATCH REPORT + ================= + +Bash-Release: 5.3 +Patch-ID: bash53-012 + +Bug-Reported-by: [email protected] +Bug-Reference-ID: +Bug-Reference-URL: https://savannah.gnu.org/bugs/?67745 + +Bug-Description: + +If a subshell with an inherited EXIT trap receives a fatal signal before +it clears the exit trap, and before it restores its original signal +handlers, it's possible for it to inappropriately run the inherited EXIT +trap. + +Patch (apply with `patch -p0'): + +*** ../bash-5.3-patched/execute_cmd.c Thu Jun 5 11:02:01 2025 +--- execute_cmd.c Fri Jan 9 10:21:30 2026 +*************** +*** 1644,1648 **** + if (user_subshell) + { +! subshell_environment = SUBSHELL_PAREN; /* XXX */ + if (asynchronous) + subshell_environment |= SUBSHELL_ASYNC; +--- 1681,1685 ---- + if (user_subshell) + { +! subshell_environment = SUBSHELL_PAREN|SUBSHELL_IGNTRAP; /* XXX */ + if (asynchronous) + subshell_environment |= SUBSHELL_ASYNC; +*************** +*** 1650,1654 **** + else + { +! subshell_environment = 0; /* XXX */ + if (asynchronous) + subshell_environment |= SUBSHELL_ASYNC; +--- 1687,1691 ---- + else + { +! subshell_environment = SUBSHELL_IGNTRAP; /* XXX */ + if (asynchronous) + subshell_environment |= SUBSHELL_ASYNC; +*** ../bash-5.3-patched/sig.c Wed Dec 18 15:52:06 2024 +--- sig.c Fri Jan 9 10:21:43 2026 +*************** +*** 639,643 **** + comsub_ignore_return = return_catch_flag = wait_intr_flag = 0; + +! run_exit_trap (); /* XXX - run exit trap possibly in signal context? */ + + kill_shell (sig); +--- 645,652 ---- + comsub_ignore_return = return_catch_flag = wait_intr_flag = 0; + +! /* Don't run the exit trap if we're supposed to be ignoring traps in a +! subshell environment. */ +! if ((subshell_environment & SUBSHELL_IGNTRAP) == 0) +! run_exit_trap (); /* XXX - run exit trap possibly in signal context? */ + + kill_shell (sig); +*** ../bash-5.3/patchlevel.h 2020-06-22 14:51:03.000000000 -0400 +--- patchlevel.h 2020-10-01 11:01:28.000000000 -0400 +*************** +*** 26,30 **** + looks for to find the patch level (for the sccs version string). */ + +! #define PATCHLEVEL 11 + + #endif /* _PATCHLEVEL_H_ */ +--- 26,30 ---- + looks for to find the patch level (for the sccs version string). */ + +! #define PATCHLEVEL 12 + + #endif /* _PATCHLEVEL_H_ */ Binary files old/bash-5.3-patches/bash53-012.sig and new/bash-5.3-patches/bash53-012.sig differ diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/bash-5.3-patches/bash53-013 new/bash-5.3-patches/bash53-013 --- old/bash-5.3-patches/bash53-013 1970-01-01 01:00:00.000000000 +0100 +++ new/bash-5.3-patches/bash53-013 2026-06-09 16:49:58.000000000 +0200 @@ -0,0 +1,54 @@ + BASH PATCH REPORT + ================= + +Bash-Release: 5.3 +Patch-ID: bash53-013 + +Bug-Reported-by: Florian Schmaus <[email protected]> +Bug-Reference-ID: +Bug-Reference-URL: https://savannah.gnu.org/bugs/?67586 + +Bug-Description: + +Comparing the value of a pointer returned from realloc/xrealloc to the +original pointer passed is technically undefined behavior, which matters +under some circumstances. + +Patch (apply with `patch -p0'): + +*** ../bash-5.3-patched/builtins/read.def Wed Jun 25 15:50:18 2025 +--- builtins/read.def Thu Nov 20 15:10:20 2025 +*************** +*** 789,794 **** + x = (char *)xrealloc (input_string, size += 128); + +! /* Only need to change unwind-protect if input_string changes */ + if (x != input_string) + { + input_string = x; +--- 816,824 ---- + x = (char *)xrealloc (input_string, size += 128); + +! #if 0 +! /* This is, in theory, undefined behavior, since input_string may +! have been freed. */ + if (x != input_string) ++ #endif + { + input_string = x; + +*** ../bash-5.3/patchlevel.h 2020-06-22 14:51:03.000000000 -0400 +--- patchlevel.h 2020-10-01 11:01:28.000000000 -0400 +*************** +*** 26,30 **** + looks for to find the patch level (for the sccs version string). */ + +! #define PATCHLEVEL 12 + + #endif /* _PATCHLEVEL_H_ */ +--- 26,30 ---- + looks for to find the patch level (for the sccs version string). */ + +! #define PATCHLEVEL 13 + + #endif /* _PATCHLEVEL_H_ */ Binary files old/bash-5.3-patches/bash53-013.sig and new/bash-5.3-patches/bash53-013.sig differ diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/bash-5.3-patches/bash53-014 new/bash-5.3-patches/bash53-014 --- old/bash-5.3-patches/bash53-014 1970-01-01 01:00:00.000000000 +0100 +++ new/bash-5.3-patches/bash53-014 2026-06-09 16:50:09.000000000 +0200 @@ -0,0 +1,68 @@ + BASH PATCH REPORT + ================= + +Bash-Release: 5.3 +Patch-ID: bash53-014 + +Bug-Reported-by: Grisha Levit <[email protected]> +Bug-Reference-ID: +Bug-Reference-URL: https://lists.gnu.org/archive/html/bug-bash/2026-06/msg00022.html + +Bug-Description: + +Bash-5.3 patch 11 included an inadvertent extra line, which this patch +removes. This also takes the opportunity to improve that patch, by looking +up the variable each time through the line-reading loop only if there is +a callback and it is invoked. + +Patch (apply with `patch -p0'): + +*** ../bash-5.3-patched/builtins/mapfile.def Sat Jun 6 13:31:02 2026 +--- builtins/mapfile.def Sat Jun 6 13:51:55 2026 +*************** +*** 198,211 **** + + run_callback (callback, array_index, line); +- } + +! /* Bad things can happen if the callback modifies ENTRY, e.g., +! unsetting it or changing it to a non-indexed-array type, so we +! look it up again every time we need to assign something */ +! entry = bind_array_variable (array_name, array_index, line, 0); +! if (entry == 0 || ASSIGN_DISALLOWED (entry, 0)) +! return EXECUTION_FAILURE; +! +! bind_array_element (entry, array_index, line, 0); + + /* Have we exceeded # of lines to store? */ +--- 198,211 ---- + + run_callback (callback, array_index, line); + +! /* Bad things can happen if the callback modifies ENTRY, e.g., +! unsetting it or changing it to a non-indexed-array type, so we +! look it up again every time we need to assign something */ +! entry = bind_array_variable (array_name, array_index, line, 0); +! if (entry == 0 || ASSIGN_DISALLOWED (entry, 0)) +! return EXECUTION_FAILURE; +! } +! else +! bind_array_element (entry, array_index, line, 0); + + /* Have we exceeded # of lines to store? */ + +*** ../bash-5.3/patchlevel.h 2020-06-22 14:51:03.000000000 -0400 +--- patchlevel.h 2020-10-01 11:01:28.000000000 -0400 +*************** +*** 26,30 **** + looks for to find the patch level (for the sccs version string). */ + +! #define PATCHLEVEL 13 + + #endif /* _PATCHLEVEL_H_ */ +--- 26,30 ---- + looks for to find the patch level (for the sccs version string). */ + +! #define PATCHLEVEL 14 + + #endif /* _PATCHLEVEL_H_ */ Binary files old/bash-5.3-patches/bash53-014.sig and new/bash-5.3-patches/bash53-014.sig differ diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/bash-5.3-patches/bash53-015 new/bash-5.3-patches/bash53-015 --- old/bash-5.3-patches/bash53-015 1970-01-01 01:00:00.000000000 +0100 +++ new/bash-5.3-patches/bash53-015 2026-06-09 16:50:23.000000000 +0200 @@ -0,0 +1,79 @@ + BASH PATCH REPORT + ================= + +Bash-Release: 5.3 +Patch-ID: bash53-015 + +Bug-Reported-by: Duncan Roe <[email protected]> + Grisha Levit <[email protected]> +Bug-Reference-ID: +Bug-Reference-URL: https://lists.gnu.org/archive/html/bug-bash/2025-09/msg00162.html + https://lists.gnu.org/archive/html/bug-bash/2025-10/msg00013.html + +Bug-Description: + +There are circumstances under which index -1 is used to reference into +the input buffer used by the `read' builtin. + +Patch (apply with `patch -p0'): + +*** ../bash-5.3-patched/builtins/read.def Wed Jun 25 15:50:18 2025 +--- builtins/read.def Thu Nov 6 16:51:14 2025 +*************** +*** 539,543 **** + protects, then restore input_string so we can use it later */ + orig_input_string = 0; +! input_string[i] = '\0'; /* make sure it's terminated */ + if (i == 0) + { +--- 568,573 ---- + protects, then restore input_string so we can use it later */ + orig_input_string = 0; +! if (i >= 0) +! input_string[i] = '\0'; /* make sure it's terminated */ + if (i == 0) + { +*************** +*** 593,598 **** + + ttset = ttattrs; +! i = silent ? ttfd_cbreak (fd, &ttset) : ttfd_onechar (fd, &ttset); +! if (i < 0) + sh_ttyerror (1); + tty_modified = 1; +--- 623,627 ---- + + ttset = ttattrs; +! if ((silent ? ttfd_cbreak (fd, &ttset) : ttfd_onechar (fd, &ttset)) < 0) + sh_ttyerror (1); + tty_modified = 1; +*************** +*** 610,615 **** + + ttset = ttattrs; +! i = ttfd_noecho (fd, &ttset); /* ttnoecho (); */ +! if (i < 0) + sh_ttyerror (1); + +--- 639,643 ---- + + ttset = ttattrs; +! if (ttfd_noecho (fd, &ttset) < 0) + sh_ttyerror (1); + + +*** ../bash-5.3/patchlevel.h 2020-06-22 14:51:03.000000000 -0400 +--- patchlevel.h 2020-10-01 11:01:28.000000000 -0400 +*************** +*** 26,30 **** + looks for to find the patch level (for the sccs version string). */ + +! #define PATCHLEVEL 14 + + #endif /* _PATCHLEVEL_H_ */ +--- 26,30 ---- + looks for to find the patch level (for the sccs version string). */ + +! #define PATCHLEVEL 15 + + #endif /* _PATCHLEVEL_H_ */ Binary files old/bash-5.3-patches/bash53-015.sig and new/bash-5.3-patches/bash53-015.sig differ
