deepcrayon/buildroot
deepcrayon/buildroot
1
0
Fork 0
Code Issues Pull requests Packages Projects Releases Wiki Activity

bash: add upstream security fixes to patch level 12

Browse source 
Fixes CVE-2017-5932 - Shell code execution on tab completion of specially
crafted files. For details, see the report:

https://github.com/jheyens/bash_completion_vuln/raw/master/2017-01-17.bash_completion_report.pdf

We unfortunately cannot easily download these because of the file names (not
ending in patch) and patch format (p0), so convert to p1 format and include
in package/bash with the following script:

for i in 06 07 08 09 10 11 12; do
	cat > bash44-0$i.patch << EOF
>From https://ftp.gnu.org/gnu/bash/bash-4.4-patches/bash44-0$i

Signed-off-by: Peter Korsgaard <peter@korsgaard.com>

EOF
	curl https://ftp.gnu.org/gnu/bash/bash-4.4-patches/bash44-0$i | \
		sed -e 's|^\*\*\* \.\./|*** |' -e 's|^--- |--- b/|' >> bash44-0$i.patch
done

Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
This commit is contained in:
Peter Korsgaard 2017-02-08 09:12:03 +01:00
parent a1071d7169
commit 54a9495123
7 changed files with 689 additions and 0 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

63
package/bash/bash44-006.patch Normal file
View file

@ -0,0 +1,63 @@
From https://ftp.gnu.org/gnu/bash/bash-4.4-patches/bash44-006
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
BASH PATCH REPORT
=================
Bash-Release: 4.4
Patch-ID: bash44-006
Bug-Reported-by: <fernando@null-life.com>
Bug-Reference-ID: <CAEr-gPFPvqheiAeENmMkEwWRd4U=1iqCsYmR3sLdULOqL++_tQ@mail.gmail.com>
Bug-Reference-URL:
Bug-Description:
Out-of-range negative offsets to popd can cause the shell to crash attempting
to free an invalid memory block.
Patch (apply with `patch -p0'):
*** bash-4.4-patched/builtins/pushd.def 2016-01-25 13:31:49.000000000 -0500
--- b/builtins/pushd.def 2016-10-28 10:46:49.000000000 -0400
***************
*** 366,370 ****
}
! if (which > directory_list_offset || (directory_list_offset == 0 && which == 0))
{
pushd_error (directory_list_offset, which_word ? which_word : "");
--- b/366,370 ----
}
! if (which > directory_list_offset || (which < -directory_list_offset) || (directory_list_offset == 0 && which == 0))
{
pushd_error (directory_list_offset, which_word ? which_word : "");
***************
*** 388,391 ****
--- b/388,396 ----
of the list into place. */
i = (direction == '+') ? directory_list_offset - which : which;
+ if (i < 0 || i > directory_list_offset)
+ {
+ pushd_error (directory_list_offset, which_word ? which_word : "");
+ return (EXECUTION_FAILURE);
+ }
free (pushd_directory_list[i]);
directory_list_offset--;
*** bash-4.4/patchlevel.h 2016-06-22 14:51:03.000000000 -0400
--- b/patchlevel.h 2016-10-01 11:01:28.000000000 -0400
***************
*** 26,30 ****
looks for to find the patch level (for the sccs version string). */
! #define PATCHLEVEL 5
#endif /* _PATCHLEVEL_H_ */
--- b/26,30 ----
looks for to find the patch level (for the sccs version string). */
! #define PATCHLEVEL 6
#endif /* _PATCHLEVEL_H_ */

155
package/bash/bash44-007.patch Normal file
View file

@ -0,0 +1,155 @@
From https://ftp.gnu.org/gnu/bash/bash-4.4-patches/bash44-007
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
BASH PATCH REPORT
=================
Bash-Release: 4.4
Patch-ID: bash44-007
Bug-Reported-by: Jens Heyens <jens.heyens@cispa.saarland>
Bug-Reference-ID:
Bug-Reference-URL: https://savannah.gnu.org/support/?109224
Bug-Description:
When performing filename completion, bash dequotes the directory name being
completed, which can result in match failures and potential unwanted
expansion.
Patch (apply with `patch -p0'):
*** bash-4.4-patched/bashline.c 2016-08-05 21:44:05.000000000 -0400
--- b/bashline.c 2017-01-19 13:15:51.000000000 -0500
***************
*** 143,147 ****
static void restore_directory_hook __P((rl_icppfunc_t));
! static int directory_exists __P((const char *));
static void cleanup_expansion_error __P((void));
--- b/144,148 ----
static void restore_directory_hook __P((rl_icppfunc_t));
! static int directory_exists __P((const char *, int));
static void cleanup_expansion_error __P((void));
***************
*** 3103,3111 ****
}
! /* Check whether not the (dequoted) version of DIRNAME, with any trailing slash
! removed, exists. */
static int
! directory_exists (dirname)
const char *dirname;
{
char *new_dirname;
--- b/3107,3116 ----
}
! /* Check whether not DIRNAME, with any trailing slash removed, exists. If
! SHOULD_DEQUOTE is non-zero, we dequote the directory name first. */
static int
! directory_exists (dirname, should_dequote)
const char *dirname;
+ int should_dequote;
{
char *new_dirname;
***************
*** 3113,3118 ****
struct stat sb;
! /* First, dequote the directory name */
! new_dirname = bash_dequote_filename ((char *)dirname, rl_completion_quote_character);
dirlen = STRLEN (new_dirname);
if (new_dirname[dirlen - 1] == '/')
--- b/3118,3124 ----
struct stat sb;
! /* We save the string and chop the trailing slash because stat/lstat behave
! inconsistently if one is present. */
! new_dirname = should_dequote ? bash_dequote_filename ((char *)dirname, rl_completion_quote_character) : savestring (dirname);
dirlen = STRLEN (new_dirname);
if (new_dirname[dirlen - 1] == '/')
***************
*** 3146,3150 ****
should_expand_dirname = '`';
! if (should_expand_dirname && directory_exists (local_dirname))
should_expand_dirname = 0;
--- b/3152,3156 ----
should_expand_dirname = '`';
! if (should_expand_dirname && directory_exists (local_dirname, 0))
should_expand_dirname = 0;
***************
*** 3156,3160 ****
global_nounset = unbound_vars_is_error;
unbound_vars_is_error = 0;
! wl = expand_prompt_string (new_dirname, 0, W_NOCOMSUB|W_COMPLETE); /* does the right thing */
unbound_vars_is_error = global_nounset;
if (wl)
--- b/3162,3166 ----
global_nounset = unbound_vars_is_error;
unbound_vars_is_error = 0;
! wl = expand_prompt_string (new_dirname, 0, W_NOCOMSUB|W_NOPROCSUB|W_COMPLETE); /* does the right thing */
unbound_vars_is_error = global_nounset;
if (wl)
***************
*** 3245,3249 ****
}
! if (should_expand_dirname && directory_exists (local_dirname))
should_expand_dirname = 0;
--- b/3262,3266 ----
}
! if (should_expand_dirname && directory_exists (local_dirname, 1))
should_expand_dirname = 0;
***************
*** 3251,3255 ****
{
new_dirname = savestring (local_dirname);
! wl = expand_prompt_string (new_dirname, 0, W_NOCOMSUB|W_COMPLETE); /* does the right thing */
if (wl)
{
--- b/3268,3272 ----
{
new_dirname = savestring (local_dirname);
! wl = expand_prompt_string (new_dirname, 0, W_NOCOMSUB|W_NOPROCSUB|W_COMPLETE); /* does the right thing */
if (wl)
{
*** bash-4.4/subst.c 2016-08-30 16:46:38.000000000 -0400
--- b/subst.c 2017-01-19 07:09:57.000000000 -0500
***************
*** 9459,9462 ****
--- b/9459,9466 ----
if (word->flags & W_COMPLETE)
tword->flags |= W_COMPLETE; /* for command substitutions */
+ if (word->flags & W_NOCOMSUB)
+ tword->flags |= W_NOCOMSUB;
+ if (word->flags & W_NOPROCSUB)
+ tword->flags |= W_NOPROCSUB;
temp = (char *)NULL;
*** bash-4.4/patchlevel.h 2016-06-22 14:51:03.000000000 -0400
--- b/patchlevel.h 2016-10-01 11:01:28.000000000 -0400
***************
*** 26,30 ****
looks for to find the patch level (for the sccs version string). */
! #define PATCHLEVEL 6
#endif /* _PATCHLEVEL_H_ */
--- b/26,30 ----
looks for to find the patch level (for the sccs version string). */
! #define PATCHLEVEL 7
#endif /* _PATCHLEVEL_H_ */

88
package/bash/bash44-008.patch Normal file
View file

@ -0,0 +1,88 @@
From https://ftp.gnu.org/gnu/bash/bash-4.4-patches/bash44-008
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
BASH PATCH REPORT
=================
Bash-Release: 4.4
Patch-ID: bash44-008
Bug-Reported-by: Koichi MURASE <myoga.murase@gmail.com>
Bug-Reference-ID: <CAFLRLk-V+1AeQ2k=pY7ih6V+MfQ_w8EF3YWL2E+wmLfgKBtzXA@mail.gmail.com>
Bug-Reference-URL: http://lists.gnu.org/archive/html/bug-bash/2016-11/msg00050.html
Bug-Description:
Under certain circumstances, bash will evaluate arithmetic expressions as
part of reading an expression token even when evaluation is suppressed. This
happens while evaluating a conditional expression and skipping over the
failed branch of the expression.
Patch (apply with `patch -p0'):
*** bash-4.4-patched/expr.c 2015-10-11 14:46:36.000000000 -0400
--- b/expr.c 2016-11-08 11:55:46.000000000 -0500
***************
*** 579,585 ****
if (curtok == QUES) /* found conditional expr */
{
- readtok ();
- if (curtok == 0 || curtok == COL)
- evalerror (_("expression expected"));
if (cval == 0)
{
--- b/579,582 ----
***************
*** 588,591 ****
--- b/585,592 ----
}
+ readtok ();
+ if (curtok == 0 || curtok == COL)
+ evalerror (_("expression expected"));
+
val1 = EXP_HIGHEST ();
***************
*** 594,600 ****
if (curtok != COL)
evalerror (_("`:' expected for conditional expression"));
! readtok ();
! if (curtok == 0)
! evalerror (_("expression expected"));
set_noeval = 0;
if (cval)
--- b/595,599 ----
if (curtok != COL)
evalerror (_("`:' expected for conditional expression"));
!
set_noeval = 0;
if (cval)
***************
*** 604,608 ****
--- b/603,611 ----
}
+ readtok ();
+ if (curtok == 0)
+ evalerror (_("expression expected"));
val2 = expcond ();
+
if (set_noeval)
noeval--;
*** bash-4.4/patchlevel.h 2016-06-22 14:51:03.000000000 -0400
--- b/patchlevel.h 2016-10-01 11:01:28.000000000 -0400
***************
*** 26,30 ****
looks for to find the patch level (for the sccs version string). */
! #define PATCHLEVEL 7
#endif /* _PATCHLEVEL_H_ */
--- b/26,30 ----
looks for to find the patch level (for the sccs version string). */
! #define PATCHLEVEL 8
#endif /* _PATCHLEVEL_H_ */

111
package/bash/bash44-009.patch Normal file
View file

@ -0,0 +1,111 @@
From https://ftp.gnu.org/gnu/bash/bash-4.4-patches/bash44-009
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
BASH PATCH REPORT
=================
Bash-Release: 4.4
Patch-ID: bash44-009
Bug-Reported-by: Hong Cho <hong.cho@citrix.com>
Bug-Reference-ID: <c30b5fe62b2543af8297e47ca487c29c@SJCPEX02CL02.citrite.net>
Bug-Reference-URL: http://lists.gnu.org/archive/html/bug-bash/2016-12/msg00043.html
Bug-Description:
There is a race condition in add_history() that can be triggered by a fatal
signal arriving between the time the history length is updated and the time
the history list update is completed. A later attempt to reference an
invalid history entry can cause a crash.
Patch (apply with `patch -p0'):
*** bash-4.4-patched/lib/readline/history.c 2016-11-11 13:42:49.000000000 -0500
--- b/lib/readline/history.c 2016-12-05 10:37:51.000000000 -0500
***************
*** 280,283 ****
--- b/280,284 ----
{
HIST_ENTRY *temp;
+ int new_length;
if (history_stifled && (history_length == history_max_entries))
***************
*** 296,306 ****
/* Copy the rest of the entries, moving down one slot. Copy includes
trailing NULL. */
- #if 0
- for (i = 0; i < history_length; i++)
- the_history[i] = the_history[i + 1];
- #else
memmove (the_history, the_history + 1, history_length * sizeof (HIST_ENTRY *));
- #endif
history_base++;
}
--- b/297,303 ----
/* Copy the rest of the entries, moving down one slot. Copy includes
trailing NULL. */
memmove (the_history, the_history + 1, history_length * sizeof (HIST_ENTRY *));
+ new_length = history_length;
history_base++;
}
***************
*** 316,320 ****
history_size = DEFAULT_HISTORY_INITIAL_SIZE;
the_history = (HIST_ENTRY **)xmalloc (history_size * sizeof (HIST_ENTRY *));
! history_length = 1;
}
else
--- b/313,317 ----
history_size = DEFAULT_HISTORY_INITIAL_SIZE;
the_history = (HIST_ENTRY **)xmalloc (history_size * sizeof (HIST_ENTRY *));
! new_length = 1;
}
else
***************
*** 326,330 ****
xrealloc (the_history, history_size * sizeof (HIST_ENTRY *));
}
! history_length++;
}
}
--- b/323,327 ----
xrealloc (the_history, history_size * sizeof (HIST_ENTRY *));
}
! new_length = history_length + 1;
}
}
***************
*** 332,337 ****
temp = alloc_history_entry ((char *)string, hist_inittime ());
! the_history[history_length] = (HIST_ENTRY *)NULL;
! the_history[history_length - 1] = temp;
}
--- b/329,335 ----
temp = alloc_history_entry ((char *)string, hist_inittime ());
! the_history[new_length] = (HIST_ENTRY *)NULL;
! the_history[new_length - 1] = temp;
! history_length = new_length;
}
*** bash-4.4/patchlevel.h 2016-06-22 14:51:03.000000000 -0400
--- b/patchlevel.h 2016-10-01 11:01:28.000000000 -0400
***************
*** 26,30 ****
looks for to find the patch level (for the sccs version string). */
! #define PATCHLEVEL 8
#endif /* _PATCHLEVEL_H_ */
--- b/26,30 ----
looks for to find the patch level (for the sccs version string). */
! #define PATCHLEVEL 9
#endif /* _PATCHLEVEL_H_ */

53
package/bash/bash44-010.patch Normal file
View file

@ -0,0 +1,53 @@
From https://ftp.gnu.org/gnu/bash/bash-4.4-patches/bash44-010
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
BASH PATCH REPORT
=================
Bash-Release: 4.4
Patch-ID: bash44-010
Bug-Reported-by: Clark Wang <dearvoid@gmail.com>
Bug-Reference-ID: <CADv8-og092RvvUUHy46=BPKChCXw5g=GOOqgN0V3f4a3TpLebQ@mail.gmail.com>
Bug-Reference-URL: http://lists.gnu.org/archive/html/bug-bash/2016-11/msg00104.html
Bug-Description:
Depending on compiler optimizations and behavior, the `read' builtin may not
save partial input when a timeout occurs.
Patch (apply with `patch -p0'):
*** bash-4.4-patched/builtins/read.def 2016-05-16 14:24:56.000000000 -0400
--- b/builtins/read.def 2016-11-25 12:37:56.000000000 -0500
***************
*** 182,186 ****
{
register char *varname;
! int size, i, nr, pass_next, saw_escape, eof, opt, retval, code, print_ps2;
int input_is_tty, input_is_pipe, unbuffered_read, skip_ctlesc, skip_ctlnul;
int raw, edit, nchars, silent, have_timeout, ignore_delim, fd, lastsig, t_errno;
--- b/182,187 ----
{
register char *varname;
! int size, nr, pass_next, saw_escape, eof, opt, retval, code, print_ps2;
! volatile int i;
int input_is_tty, input_is_pipe, unbuffered_read, skip_ctlesc, skip_ctlnul;
int raw, edit, nchars, silent, have_timeout, ignore_delim, fd, lastsig, t_errno;
*** bash-4.4/patchlevel.h 2016-06-22 14:51:03.000000000 -0400
--- b/patchlevel.h 2016-10-01 11:01:28.000000000 -0400
***************
*** 26,30 ****
looks for to find the patch level (for the sccs version string). */
! #define PATCHLEVEL 9
#endif /* _PATCHLEVEL_H_ */
--- b/26,30 ----
looks for to find the patch level (for the sccs version string). */
! #define PATCHLEVEL 10
#endif /* _PATCHLEVEL_H_ */

54
package/bash/bash44-011.patch Normal file
View file

@ -0,0 +1,54 @@
From https://ftp.gnu.org/gnu/bash/bash-4.4-patches/bash44-011
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
BASH PATCH REPORT
=================
Bash-Release: 4.4
Patch-ID: bash44-011
Bug-Reported-by: Russell King <rmk@armlinux.org.uk>
Bug-Reference-ID: <E1cNnFx-0007G2-S2@flint.armlinux.org.uk>
Bug-Reference-URL: http://lists.gnu.org/archive/html/bug-bash/2017-01/msg00000.html
Bug-Description:
Subshells begun to run command and process substitutions may attempt to
set the terminal's process group to an incorrect value if they receive
a fatal signal. This depends on the behavior of the process that starts
the shell.
Patch (apply with `patch -p0'):
*** bash-4.4-patched/sig.c 2016-02-11 15:02:45.000000000 -0500
--- b/sig.c 2017-01-04 09:09:47.000000000 -0500
***************
*** 586,590 ****
if (sig == SIGHUP && (interactive || (subshell_environment & (SUBSHELL_COMSUB|SUBSHELL_PROCSUB))))
hangup_all_jobs ();
! end_job_control ();
#endif /* JOB_CONTROL */
--- b/571,576 ----
if (sig == SIGHUP && (interactive || (subshell_environment & (SUBSHELL_COMSUB|SUBSHELL_PROCSUB))))
hangup_all_jobs ();
! if ((subshell_environment & (SUBSHELL_COMSUB|SUBSHELL_PROCSUB)) == 0)
! end_job_control ();
#endif /* JOB_CONTROL */
*** bash-4.4/patchlevel.h 2016-06-22 14:51:03.000000000 -0400
--- b/patchlevel.h 2016-10-01 11:01:28.000000000 -0400
***************
*** 26,30 ****
looks for to find the patch level (for the sccs version string). */
! #define PATCHLEVEL 10
#endif /* _PATCHLEVEL_H_ */
--- b/26,30 ----
looks for to find the patch level (for the sccs version string). */
! #define PATCHLEVEL 11
#endif /* _PATCHLEVEL_H_ */

165
package/bash/bash44-012.patch Normal file
View file

@ -0,0 +1,165 @@
From https://ftp.gnu.org/gnu/bash/bash-4.4-patches/bash44-012
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
BASH PATCH REPORT
=================
Bash-Release: 4.4
Patch-ID: bash44-012
Bug-Reported-by: Clark Wang <dearvoid@gmail.com>
Bug-Reference-ID: <CADv8-ojttPUFOZXqbjsvy83LfaJtQKZ5qejGdF6j0VJ3vtrYOA@mail.gmail.com>
Bug-Reference-URL: http://lists.gnu.org/archive/html/bug-bash/2016-11/msg00106.html
Bug-Description:
When -N is used, the input is not supposed to be split using $IFS, but
leading and trailing IFS whitespace was still removed.
Patch (apply with `patch -p0'):
*** bash-4.4-patched/subst.c 2017-01-20 14:22:01.000000000 -0500
--- b/subst.c 2017-01-25 13:43:22.000000000 -0500
***************
*** 2826,2834 ****
/* Parse a single word from STRING, using SEPARATORS to separate fields.
ENDPTR is set to the first character after the word. This is used by
! the `read' builtin. This is never called with SEPARATORS != $IFS;
! it should be simplified.
XXX - this function is very similar to list_string; they should be
combined - XXX */
char *
get_word_from_string (stringp, separators, endptr)
--- b/2826,2838 ----
/* Parse a single word from STRING, using SEPARATORS to separate fields.
ENDPTR is set to the first character after the word. This is used by
! the `read' builtin.
!
! This is never called with SEPARATORS != $IFS, and takes advantage of that.
XXX - this function is very similar to list_string; they should be
combined - XXX */
+
+ #define islocalsep(c) (local_cmap[(unsigned char)(c)] != 0)
+
char *
get_word_from_string (stringp, separators, endptr)
***************
*** 2838,2841 ****
--- b/2842,2846 ----
char *current_word;
int sindex, sh_style_split, whitesep, xflags;
+ unsigned char local_cmap[UCHAR_MAX+1]; /* really only need single-byte chars here */
size_t slen;
***************
*** 2847,2854 ****
separators[2] == '\n' &&
separators[3] == '\0';
! for (xflags = 0, s = ifs_value; s && *s; s++)
{
if (*s == CTLESC) xflags |= SX_NOCTLESC;
if (*s == CTLNUL) xflags |= SX_NOESCCTLNUL;
}
--- b/2852,2861 ----
separators[2] == '\n' &&
separators[3] == '\0';
! memset (local_cmap, '\0', sizeof (local_cmap));
! for (xflags = 0, s = separators; s && *s; s++)
{
if (*s == CTLESC) xflags |= SX_NOCTLESC;
if (*s == CTLNUL) xflags |= SX_NOESCCTLNUL;
+ local_cmap[(unsigned char)*s] = 1; /* local charmap of separators */
}
***************
*** 2857,2864 ****
/* Remove sequences of whitespace at the beginning of STRING, as
! long as those characters appear in IFS. */
! if (sh_style_split || !separators || !*separators)
{
! for (; *s && spctabnl (*s) && isifs (*s); s++);
/* If the string is nothing but whitespace, update it and return. */
--- b/2864,2872 ----
/* Remove sequences of whitespace at the beginning of STRING, as
! long as those characters appear in SEPARATORS. This happens if
! SEPARATORS == $' \t\n' or if IFS is unset. */
! if (sh_style_split || separators == 0)
{
! for (; *s && spctabnl (*s) && islocalsep (*s); s++);
/* If the string is nothing but whitespace, update it and return. */
***************
*** 2879,2885 ****
This obeys the field splitting rules in Posix.2. */
sindex = 0;
! /* Don't need string length in ADVANCE_CHAR or string_extract_verbatim
! unless multibyte chars are possible. */
! slen = (MB_CUR_MAX > 1) ? STRLEN (s) : 1;
current_word = string_extract_verbatim (s, slen, &sindex, separators, xflags);
--- b/2887,2893 ----
This obeys the field splitting rules in Posix.2. */
sindex = 0;
! /* Don't need string length in ADVANCE_CHAR unless multibyte chars are
! possible, but need it in string_extract_verbatim for bounds checking */
! slen = STRLEN (s);
current_word = string_extract_verbatim (s, slen, &sindex, separators, xflags);
***************
*** 2900,2904 ****
/* Now skip sequences of space, tab, or newline characters if they are
in the list of separators. */
! while (s[sindex] && spctabnl (s[sindex]) && isifs (s[sindex]))
sindex++;
--- b/2908,2912 ----
/* Now skip sequences of space, tab, or newline characters if they are
in the list of separators. */
! while (s[sindex] && spctabnl (s[sindex]) && islocalsep (s[sindex]))
sindex++;
***************
*** 2907,2916 ****
delimiter, not a separate delimiter that would result in an empty field.
Look at POSIX.2, 3.6.5, (3)(b). */
! if (s[sindex] && whitesep && isifs (s[sindex]) && !spctabnl (s[sindex]))
{
sindex++;
/* An IFS character that is not IFS white space, along with any adjacent
IFS white space, shall delimit a field. */
! while (s[sindex] && spctabnl (s[sindex]) && isifs (s[sindex]))
sindex++;
}
--- b/2915,2924 ----
delimiter, not a separate delimiter that would result in an empty field.
Look at POSIX.2, 3.6.5, (3)(b). */
! if (s[sindex] && whitesep && islocalsep (s[sindex]) && !spctabnl (s[sindex]))
{
sindex++;
/* An IFS character that is not IFS white space, along with any adjacent
IFS white space, shall delimit a field. */
! while (s[sindex] && spctabnl (s[sindex]) && islocalsep(s[sindex]))
sindex++;
}
*** bash-4.4/patchlevel.h 2016-06-22 14:51:03.000000000 -0400
--- b/patchlevel.h 2016-10-01 11:01:28.000000000 -0400
***************
*** 26,30 ****
looks for to find the patch level (for the sccs version string). */
! #define PATCHLEVEL 11
#endif /* _PATCHLEVEL_H_ */
--- b/26,30 ----
looks for to find the patch level (for the sccs version string). */
! #define PATCHLEVEL 12
#endif /* _PATCHLEVEL_H_ */