bash44-015 1.2 KB

1234567891011121314151617181920212223242526272829303132333435363738394041424344
  1. BASH PATCH REPORT
  2. =================
  3. Bash-Release: 4.4
  4. Patch-ID: bash44-015
  5. Bug-Reported-by: David Simmons <bug-bash@tmp.davidsimmons.com>
  6. Bug-Reference-ID: <bc6f0839-fa50-fe8f-65f5-5aa6feb11ec5@davidsimmons.com>
  7. Bug-Reference-URL: http://lists.gnu.org/archive/html/bug-bash/2017-02/msg00033.html
  8. Bug-Description:
  9. Process substitution can leak internal quoting to the parser in the invoked
  10. subshell.
  11. Patch (apply with `patch -p0'):
  12. *** ../bash-20170210/subst.c 2017-01-19 11:08:50.000000000 -0500
  13. --- subst.c 2017-02-20 10:12:49.000000000 -0500
  14. ***************
  15. *** 5907,5910 ****
  16. --- 5907,5912 ----
  17. expanding_redir = 0;
  18. + remove_quoted_escapes (string);
  19. +
  20. subshell_level++;
  21. result = parse_and_execute (string, "process substitution", (SEVAL_NONINT|SEVAL_NOHIST));
  22. *** ../bash-4.4/patchlevel.h 2016-06-22 14:51:03.000000000 -0400
  23. --- patchlevel.h 2016-10-01 11:01:28.000000000 -0400
  24. ***************
  25. *** 26,30 ****
  26. looks for to find the patch level (for the sccs version string). */
  27. ! #define PATCHLEVEL 14
  28. #endif /* _PATCHLEVEL_H_ */
  29. --- 26,30 ----
  30. looks for to find the patch level (for the sccs version string). */
  31. ! #define PATCHLEVEL 15
  32. #endif /* _PATCHLEVEL_H_ */