Language Selection

English French German Italian Portuguese Spanish

GNU Release of GNU Bash 5.1 and Gnulib for Security

Filed under
GNU
  • Bash-5.1 release available
    Introduction
    ============
    
    The first public release of bash-5.1 is now available with the URLs
    
    ftp://ftp.cwru.edu/pub/bash/bash-5.1.tar.gz
    ftp://ftp.gnu.org/pub/gnu/bash/bash-5.1.tar.gz
    
    and from the master branch of the bash git repository
    (http://git.savannah.gnu.org/cgit/bash.git/log/)
    and the usual GNU mirror sites.
    
    Bash is the GNU Project's Bourne Again SHell, a complete
    implementation of the POSIX shell spec, but also with interactive
    command line editing, job control on architectures that support it,
    csh-like features such as history substitution and brace expansion,
    and a slew of other features.  For more information on the features
    of Bash that are new to this type of shell, see the file
    `doc/bashref.texi'.  There is also a large Unix-style man page.  The
    man page is the definitive description of the shell's features. 
    
    This tar file includes the formatted documentation (pdf, postscript,
    dvi, info, and html, plus nroffed versions of the manual pages). 
    
    Please use `bashbug' to report bugs with this version.  It is built
    and installed at the same time as bash.
    
    Installation
    ============
    
    Please read the README file first.
    
    Installation instructions are provided in the INSTALL file.
    
    New Features
    ============
    
    This is the fifth major release of bash.
    
    Read the file NEWS in the bash-5.1 distribution for a complete description
    of the new features.  A copy of the relevant portions is included below. 
    
    This release fixes several outstanding bugs in bash-5.0 and introduces
    several new features.  The most significant change is a return to the
    bash-4.4 behavior of not performing pathname expansion on a word that
    contains backslashes but does not contain any unquoted globbing special
    characters.  This comes after a long POSIX discussion that resulted in a
    change to the standard.  There are several changes regarding trap handling
    while reading from the terminal (e.g, for `read' and `select'.) There are a
    number of bug fixes, including several bugs that caused the shell to crash. 
    Details are appended. 
    
    The most notable new features are in the random number engine. There is a
    new variable, SRANDOM, which gets its random data from the system's entropy
    engine and so is not linear and cannot be reseeded to get an identical
    random sequence. The PROMPT_COMMANDS array variable can be used to run
    multiple commands before printing the primary prompt. Associative arrays may
    be assigned using a series of key-value pairs within a compound assignment.
    `wait' has a new `-p' option which stores PID information about the process
    reaped by `wait -n'. Process substitution is now available in posix mode.
    There are new parameter transformation operators. There is no new `compat50'
    option; use the BASH_COMPAT variable to select the compatibility level.
    All the new features are described below.
    
    The most visible new feature is in Readline: the addition of `faces', which
    highlights the text between the point and mark (the region, so this is also
    called the 'active region'). This was added to show visibly the text
    inserted by bracketed paste, and also marks the text found by incremental
    and non-incremental history searches.  Faces are currently tied to
    bracketed paste and are enabled and disabled along with bracketed paste
    mode.  Bracketed paste mode is enabled by default. 
    
    There are a few incompatible changes between bash-5.0 and bash-5.1. The
    change to pathname expansion means that words containing backslashes, but no
    special globbing characters, will not undergo pathname expansion. While
    the bash-5.0 behavior was POSIX-conformant, the change was not well-received.
    Changes to the random number engines mean that seeding RANDOM will produce
    a different numeric sequence. Set the compatibility level to 50 to revert
    to the bash-5.0 behavior.
    
    Bash can be linked against an already-installed Readline library rather
    than the private version in lib/readline if desired.  Only readline-8.1 and
    later versions are able to provide all of the symbols that bash-5.1 requires;
    earlier versions of the Readline library will not work correctly. 
    
    A complete list of changes between bash-5.0 and bash-5.1 is available in
    the file CHANGES; the complete list is too large to include in this
    message. 
    
    Readline
    ========
    
    Also available is a new release of the standalone Readline library,
    version 8.1, with its own configuration scripts and Makefiles. 
    It can be retrieved with the URLs
    
    ftp://ftp.cwru.edu/pub/bash/readline-8.1.tar.gz
    ftp://ftp.gnu.org/pub/gnu/readline/readline-8.1.tar.gz
    
    and from the master branch of the GNU readline git repository
    (http://git.savannah.gnu.org/cgit/readline.git/log/)
    and the usual GNU mirror sites.
    
    The formatted Readline documentation is included in the readline
    distribution tar file.
    
    A separate announcement listing the changes in Readline is being
    distributed.
    
    As always, thanks for your help.
    
    Chet
    
    +========== NEWS ==========+
    This is a terse description of the new features added to bash-5.1 since
    the release of bash-5.0.  As always, the manual page (doc/bash.1) is
    the place to look for complete descriptions.
    
    1. New Features in Bash
    
    a. `bind -x' now supports different bindings for different editing modes and
       keymaps.
    
    b. Bash attempts to optimize the number of times it forks when executing
       commands in subshells and from `bash -c'.
    
    c. Here documents and here strings now use pipes for the expanded document if
       it's smaller than the pipe buffer size, reverting to temporary files if it's
       larger.
    
    d. There are new loadable builtins: mktemp, accept, mkfifo, csv, cut/lcut
    
    e. In posix mode, `trap -p' now displays signals whose disposition is SIG_DFL
       and those that were SIG_IGN when the shell starts.
    
    f. The shell now expands the history number (e.g., in PS1) even if it is not
       currently saving commands to the history list.
    
    g. `read -e' may now be used with arbitrary file descriptors (`read -u N').
    
    h. The `select' builtin now runs traps if its internal call to the read builtin
       is interrupted by a signal.
    
    i. SRANDOM: a new variable that expands to a 32-bit random number that is not
       produced by an LCRNG, and uses getrandom/getentropy, falling back to
       /dev/urandom or arc4random if available. There is a fallback generator if
       none of these are available.
    
    j. shell-transpose-words: a new bindable readline command that uses the same
       definition of word as shell-forward-word, etc.
    
    k. The shell now adds default bindings for shell-forward-word,
       shell-backward-word, shell-transpose-words, and shell-kill-word.
    
    l. Bash now allows ARGV0 appearing in the initial shell environment to set $0.
    
    m. If `unset' is executed without option arguments, bash tries to unset a shell
       function if a name argument cannot be a shell variable name because it's not
       an identifier.
    
    n. The `test -N' operator uses nanosecond timestamp granularity if it's
       available.
    
    o. Bash posix mode now treats assignment statements preceding shell function
       definitions the same as in its default mode, since POSIX has changed and
       no longer requires those assignments to persist after the function returns
       (POSIX interp 654).
    
    p. BASH_REMATCH is no longer readonly.
    
    q. wait: has a new -p VARNAME option, which stores the PID returned by `wait -n'
       or `wait' without arguments.
    
    r. Sorting the results of pathname expansion now uses byte-by-byte comparisons
       if two strings collate equally to impose a total order; the result of a
       POSIX interpretation.
    
    s. Bash now allows SIGINT trap handlers to execute recursively.
    
    t. Bash now saves and restores state around setting and unsetting posix mode,
       instead of having unsetting posix mode set a known state.
    
    u. Process substitution is now available in posix mode.
    
    v. READLINE_MARK: a new variable available while executing commands bound with
       `bind -x', contains the value of the mark.
    
    w. Bash removes SIGCHLD from the set of blocked signals if it's blocked at shell
       startup.
    
    x. `test -v N' can now test whether or not positional parameter N is set.
    
    y. `local' now honors the `-p' option to display all local variables at the
        current context.
    
    z. The `@a' variable transformation now prints attributes for unset array
       variables.
    
    aa. The `@A' variable transformation now prints a declare command that sets a
        variable's attributes if the variable has attributes but is unset.
    
    bb. `declare' and `local' now have a -I option that inherits attributes and
        value from a variable with the same name at a previous scope.
    
    cc. When run from a -c command, `jobs' now reports the status of completed jobs.
    
    dd. New `U', `u', and `L' parameter transformations to convert to uppercase,
        convert first character to uppercase, and convert to lowercase,
        respectively.
    
    ee. PROMPT_COMMAND: can now be an  array variable, each element of which can
        contain a command to be executed like a string PROMPT_COMMAND variable.
    
    ff. `ulimit' has a -R option to report and set the RLIMIT_RTTIME resource.
    
    gg. Associative arrays may be assigned using a list of key-value pairs within
        a compound assignment. Compound assignments where the words are not of
        the form [key]=value are assumed to be key-value assignments. A missing or
        empty key is an error; a missing value is treated as NULL. Assignments may
        not mix the two forms.
    
    hh. New `K' parameter transformation to display associative arrays as key-
        value pairs.
    
    ii. Writing history to syslog now handles messages longer than the syslog max
        length by writing multiple messages with a sequence number.
    
    jj. SECONDS and RANDOM may now be assigned using arithmetic expressions, since
        they are nominally integer variables. LINENO is not an integer variable.
    
    kk. Bash temporarily suppresses the verbose option when running the DEBUG trap
        while running a command from the `fc' builtin.
    
    ll. `wait -n' now accepts a list of job specifications as arguments and will
        wait for the first one in the list to change state.
    
    mm. The associative array implementation can now dynamically increase the
        size of the hash table based on insertion patterns.
    
    nn. HISTFILE is now readonly in a restricted shell.
    
    oo. The bash malloc now returns memory that is 16-byte aligned on 64-bit
        systems.
    
    pp. If the hash builtin is listing hashed filenames portably, don't print
       anything if the table is empty.
    
    qq. GLOBIGNORE now ignores `.' and `..' as a terminal pathname component.
    
    rr. Bash attempts to optimize away forks in the last command in a function body
        under appropriate circumstances.
    
    ss. The globbing code now uses fnmatch(3) to check collation elements (if
        available) even in cases without multibyte characters.
    
    tt. The `fg' and `bg' builtins now return an error in a command substitution
        when asked to restart a job inherited from the parent shell.
    
    uu. The shell now attempts to unlink all FIFOs on exit, whether a consuming
        process has finished with them or not.
    
    vv. There is a new contributed loadable builtin: asort.
    
    2. New Features in Readline
    
    a. If a second consecutive completion attempt produces matches where the first
       did not, treat it as a new completion attempt and insert a match as
       appropriate.
    
    b. Bracketed paste mode works in more places: incremental search strings, vi
       overstrike mode, character search, and reading numeric arguments.
    
    c. Readline automatically switches to horizontal scrolling if the terminal has
       only one line.
    
    d. Unbinding all key sequences bound to a particular readline function now
       descends into keymaps for multi-key sequences.
    
    e. rl-clear-display: new bindable command that clears the screen and, if
       possible, the scrollback buffer (bound to emacs mode M-C-l by default).
    
    f. New active mark and face feature: when enabled, it will highlight the text
       inserted by a bracketed paste (the `active region') and the text found by
       incremental and non-incremental history searches. This is tied to bracketed
       paste and can be disabled by turning off bracketed paste.
    
    g. Readline sets the mark in several additional commands.
    
    h. Bracketed paste mode is enabled by default.
    
    i. Readline tries to take advantage of the more regular structure of UTF-8
       characters to identify the beginning and end of characters when moving
       through the line buffer.
    
    j. The bindable operate-and-get-next command (and its default bindings) are
       now part of readline instead of a bash-specific addition.
    
    k. The signal cleanup code now blocks SIGINT while processing after a SIGINT.
    
    
  • GNU Bash 5.1 Released With New "SRANDOM" Variable As A New Means Of Randomness - Phoronix

    Beyond the usual bug fixing, Readline updates, and other mostly mundane changes, one interesting addition to note with Bash 5.1 is the new SRANDOM variable. The SRANDOM variable provides random data from the system's entropy engine and cannot be reseeded. In particular, the SRANDOM variable provides a 32-bit random number that relies upon getrandom/getentropy -- with fall-backs to /dev/urandom or arc4random or even another fallback after that if necessary.

  • Bash 5.1 and Readline 8.1 released

    Bash 5.1 is out. "This release fixes several outstanding bugs in bash-5.0 and introduces several new features. The most significant change is a return to the bash-4.4 behavior of not performing pathname expansion on a word that contains backslashes but does not contain any unquoted globbing special characters. This comes after a long POSIX discussion that resulted in a change to the standard. There are several changes regarding trap handling while reading from the terminal (e.g, for `read' and `select'.) There are a number of bug fixes, including several bugs that caused the shell to crash."
    The readline library used in bash 5.1 has also been updated to version 8.1. "There are more improvements in the programming interface and new user-visible variables and bindable commands. There are a several new public API functions, but there should be no incompatible changes to existing APIs."

  • Gnulib helps you avoid integer overflow vulnerabilities

    Gnulib's intprops module has new macros INT_ADD_OK, INT_SUBTRACT_OK, and INT_MULTIPLY_OK that support portable overflow checking while doing integer arithmetic. On GNU platforms the macros typically use only a single machine instruction more than ordinary integer arithmetic would.

GNU/Bash 5.1 released with the random ${SRANDOM} number engine

  • GNU/Bash 5.1 released with the random ${SRANDOM} number engine

    Current GNU/Bash maintainer Chet Ramey announced the latest major release, Bash 5.1, on December 7th, 2020. Bash is the default shell on many Linux distros and popular among developers, especially those working with Linux containers. It is the fifth major release of bash. It came with a new enhanced random number generation and added a new variable called SRANDOM. Let us see how to install and use newly released GNU/BASH 5.1 on Linux.

    [...]

    Apart from enhanced random number generation and added a new variable called $SRANDOM in GNU/Bash 5.1, we see many other minor enhancements. Head over to the GNU bash project homepage to grab the latest software.

More on Bash-5.1

  • SD Times news digest: Apache Kafka 2.7.0, Bash-5.1, and System.Text.Json updates

    Bash is a GNU project bourne again shell that features interactive command line editing, job control, support for csh-like features, and history substitution.

    The release also includes several outstanding bug fixes. In a post, the team explained the biggest change is “a return to the bash-4.4 behavior of not performing pathname expansion on a word that contains backslashes but does not contain any unquoted globbing special characters.”

Bash 5.1 brings back older behavior

  • Bash 5.1 brings back older behavior

    Bash 5.1, described as the fifth major release of the Unix and Linux shell in a release bulletin, was published earlier this month, featuring a return to Bash 4.4 behavior regarding pathname expansion.

    Called the most significant change in the new release, the return to Bash 4.4 behavior involves not performing pathname expansion on a word that contains backslashes but does not contain unquoted globbing special characters. The Bash 5.1 release also introduces changes in trap handling while reading from the terminal, and it fixes a number of bugs including several that caused the shell to crash.

Bash 5.1 Reworks Pathname Expansion

  • Bash 5.1 Reworks Pathname Expansion

    The fifth major release of Bash has been released with improvements including a rework of the way pathname expansion is handled.

    Bash is the GNU Project's Bourne Again SHell, a complete implementation of the POSIX shell spec. It also comes with interactive command line editing, job control on architectures that support it, csh-like features such as history substitution and brace expansion.

    The most significant change to the new version is the result of bash users complaining about the way the previous release handled particular varieties of pathnames. This was discussed at length on POSIX.

    Bash 5.1 now handles pathname expansion in the same way bash-4.4 used to. In other words, text is not expanded as a pathname if the word contains backslashes but does not contain any unquoted globbing special characters.

    The new release also has changes to trap handling when reading from the terminal such as when performing reads and selects, with several bug fixes to fix bugs that caused the shell to crash.

    Another improvement is to the random number engine. There's a new variable, SRANDOM, that gets its random data from the system's entropy engine. This means it avoids being linear and cannot be reseeded to get an identical random sequence.

    Array handling has also been improved, with a new array variable that can be used to run multiple commands before printing the primary prompt. You can also assign a series of key-value pairs within a compound assignment.

Comment viewing options

Select your preferred way to display the comments and click "Save settings" to activate your changes.

More in Tux Machines

Noise With Blanket

Videos/Audiocasts/Shows: Linux Journal Expats, Linux Experiment, and Krita Artwork

  • You Should Open Source Now, Ask Me How!

    Katherine Druckman chats with Petros Koutoupis and Kyle Rankin about FOSS (Free and Open Source Software), the benefits of contributing to the projects you use, and why you should be a FOSS fan as well.

  • System76 starts their own desktop environment, Arch goes the easy route - Linux & Open Source news

    This time, we have System76 working on their own desktop environment based on GNOME, Arch Linux adding a guided installer, Google winning its court case against Oracle on the use of Java in Android, and Facebook is leaking data online, again. Become a channel member to get access to a weekly patroncast and vote on the next topics I'll cover

  • Timelapse: inking a comic page in Krita (uncommented)

    An uncommented timelapse while inking this page 6 of episode 34 of my webcomic Pepper&Carrot ( https://www.peppercarrot.com/ ). During the process, I thought about activating the recorder and I even put a webcam so you can see what I'm doing on the tablet too. I'm not doing it for everypages; because you can imagine the weight on disk about saving around 10h of videos like this; and also how it is not multi-tasking: when I record, you don't see me open the door to get the mail of the postman, you don't see me cleaning temporary accident of a cat bringing back a mouse at home, you don't see me typing to solve a merge request issue to merge a translation of Pepper&Carrot.

Kernel Leftovers

  • [Intel-gfx] [RFC 00/28] Old platform/gen kconfig options series
  • Patches Resubmitted For Linux With Selectable Intel Graphics Platform Support

    Back in early 2018 were patches proposed for selectable platform support when building Intel's kernel graphics driver so users/distributions if desired could disable extremely old hardware support and/or cater kernel builds for specific Intel graphics generations. Three years later those patches have been re-proposed. The patches then and now are about allowing selectable Intel graphics "Gen" support at kernel configure/build time so that say the i8xx support could be removed or other specific generations of Intel graphics handled by the i915 kernel driver. This disabling could be done if phasing out older hardware support, seeking smaller kernel images, or other similar purposes. The patches don't change any default support levels but leaves things as-is and simply provides the knobs for disabling select generations of hardware.

  • Linux Kernel Runtime Guard 0.9.0 Is Released

    Linux Kernel Runtime Guard (LKRG) is a security module for the Linux kernel developed by Openwall. The latest release adds compatibility with Linux kernels up to soon to be released 5.12, support for building LKRG into kernel images, support for old 32-bit x86 machines and more. Loading the LKRG 0.9.0 module will cause a kernel panic and a complete halt if SELinux is enabled.

  • Hans de Goede: Logitech G15 and Z-10 LCD-screen support under Linux

    A while ago I worked on improving Logitech G15 LCD-screen support under Linux. I recently got an email from someone who wanted to add support for the LCD panel in the Logitech Z-10 speakers to lcdproc, asking me to describe the process I went through to improve G15 support in lcdproc and how I made it work without requiring the unmaintained g15daemon code.

Devuan 4.0 Alpha Builds Begin For Debian 11 Without Systemd

Debian 11 continues inching closer towards release and it looks like the developers maintaining the "Devuan" fork won't be far behind with their re-base of the distribution focused on init system freedom. The Devuan fork of Debian remains focused on providing Debian GNU/Linux without systemd. Devuan Beowulf 3.1 is their latest release based on Debian 10 while Devuan Chimaera is in the works as their re-base for Debian 11. Read more