GNU Release of GNU Bash 5.1 and Gnulib for Security
-
Bash-5.1 release available
Introduction ============ The first public release of bash-5.1 is now available with the URLs ftp://ftp.cwru.edu/pub/bash/bash-5.1.tar.gz ftp://ftp.gnu.org/pub/gnu/bash/bash-5.1.tar.gz and from the master branch of the bash git repository (http://git.savannah.gnu.org/cgit/bash.git/log/) and the usual GNU mirror sites. Bash is the GNU Project's Bourne Again SHell, a complete implementation of the POSIX shell spec, but also with interactive command line editing, job control on architectures that support it, csh-like features such as history substitution and brace expansion, and a slew of other features. For more information on the features of Bash that are new to this type of shell, see the file `doc/bashref.texi'. There is also a large Unix-style man page. The man page is the definitive description of the shell's features. This tar file includes the formatted documentation (pdf, postscript, dvi, info, and html, plus nroffed versions of the manual pages). Please use `bashbug' to report bugs with this version. It is built and installed at the same time as bash. Installation ============ Please read the README file first. Installation instructions are provided in the INSTALL file. New Features ============ This is the fifth major release of bash. Read the file NEWS in the bash-5.1 distribution for a complete description of the new features. A copy of the relevant portions is included below. This release fixes several outstanding bugs in bash-5.0 and introduces several new features. The most significant change is a return to the bash-4.4 behavior of not performing pathname expansion on a word that contains backslashes but does not contain any unquoted globbing special characters. This comes after a long POSIX discussion that resulted in a change to the standard. There are several changes regarding trap handling while reading from the terminal (e.g, for `read' and `select'.) There are a number of bug fixes, including several bugs that caused the shell to crash. Details are appended. The most notable new features are in the random number engine. There is a new variable, SRANDOM, which gets its random data from the system's entropy engine and so is not linear and cannot be reseeded to get an identical random sequence. The PROMPT_COMMANDS array variable can be used to run multiple commands before printing the primary prompt. Associative arrays may be assigned using a series of key-value pairs within a compound assignment. `wait' has a new `-p' option which stores PID information about the process reaped by `wait -n'. Process substitution is now available in posix mode. There are new parameter transformation operators. There is no new `compat50' option; use the BASH_COMPAT variable to select the compatibility level. All the new features are described below. The most visible new feature is in Readline: the addition of `faces', which highlights the text between the point and mark (the region, so this is also called the 'active region'). This was added to show visibly the text inserted by bracketed paste, and also marks the text found by incremental and non-incremental history searches. Faces are currently tied to bracketed paste and are enabled and disabled along with bracketed paste mode. Bracketed paste mode is enabled by default. There are a few incompatible changes between bash-5.0 and bash-5.1. The change to pathname expansion means that words containing backslashes, but no special globbing characters, will not undergo pathname expansion. While the bash-5.0 behavior was POSIX-conformant, the change was not well-received. Changes to the random number engines mean that seeding RANDOM will produce a different numeric sequence. Set the compatibility level to 50 to revert to the bash-5.0 behavior. Bash can be linked against an already-installed Readline library rather than the private version in lib/readline if desired. Only readline-8.1 and later versions are able to provide all of the symbols that bash-5.1 requires; earlier versions of the Readline library will not work correctly. A complete list of changes between bash-5.0 and bash-5.1 is available in the file CHANGES; the complete list is too large to include in this message. Readline ======== Also available is a new release of the standalone Readline library, version 8.1, with its own configuration scripts and Makefiles. It can be retrieved with the URLs ftp://ftp.cwru.edu/pub/bash/readline-8.1.tar.gz ftp://ftp.gnu.org/pub/gnu/readline/readline-8.1.tar.gz and from the master branch of the GNU readline git repository (http://git.savannah.gnu.org/cgit/readline.git/log/) and the usual GNU mirror sites. The formatted Readline documentation is included in the readline distribution tar file. A separate announcement listing the changes in Readline is being distributed. As always, thanks for your help. Chet +========== NEWS ==========+ This is a terse description of the new features added to bash-5.1 since the release of bash-5.0. As always, the manual page (doc/bash.1) is the place to look for complete descriptions. 1. New Features in Bash a. `bind -x' now supports different bindings for different editing modes and keymaps. b. Bash attempts to optimize the number of times it forks when executing commands in subshells and from `bash -c'. c. Here documents and here strings now use pipes for the expanded document if it's smaller than the pipe buffer size, reverting to temporary files if it's larger. d. There are new loadable builtins: mktemp, accept, mkfifo, csv, cut/lcut e. In posix mode, `trap -p' now displays signals whose disposition is SIG_DFL and those that were SIG_IGN when the shell starts. f. The shell now expands the history number (e.g., in PS1) even if it is not currently saving commands to the history list. g. `read -e' may now be used with arbitrary file descriptors (`read -u N'). h. The `select' builtin now runs traps if its internal call to the read builtin is interrupted by a signal. i. SRANDOM: a new variable that expands to a 32-bit random number that is not produced by an LCRNG, and uses getrandom/getentropy, falling back to /dev/urandom or arc4random if available. There is a fallback generator if none of these are available. j. shell-transpose-words: a new bindable readline command that uses the same definition of word as shell-forward-word, etc. k. The shell now adds default bindings for shell-forward-word, shell-backward-word, shell-transpose-words, and shell-kill-word. l. Bash now allows ARGV0 appearing in the initial shell environment to set $0. m. If `unset' is executed without option arguments, bash tries to unset a shell function if a name argument cannot be a shell variable name because it's not an identifier. n. The `test -N' operator uses nanosecond timestamp granularity if it's available. o. Bash posix mode now treats assignment statements preceding shell function definitions the same as in its default mode, since POSIX has changed and no longer requires those assignments to persist after the function returns (POSIX interp 654). p. BASH_REMATCH is no longer readonly. q. wait: has a new -p VARNAME option, which stores the PID returned by `wait -n' or `wait' without arguments. r. Sorting the results of pathname expansion now uses byte-by-byte comparisons if two strings collate equally to impose a total order; the result of a POSIX interpretation. s. Bash now allows SIGINT trap handlers to execute recursively. t. Bash now saves and restores state around setting and unsetting posix mode, instead of having unsetting posix mode set a known state. u. Process substitution is now available in posix mode. v. READLINE_MARK: a new variable available while executing commands bound with `bind -x', contains the value of the mark. w. Bash removes SIGCHLD from the set of blocked signals if it's blocked at shell startup. x. `test -v N' can now test whether or not positional parameter N is set. y. `local' now honors the `-p' option to display all local variables at the current context. z. The `@a' variable transformation now prints attributes for unset array variables. aa. The `@A' variable transformation now prints a declare command that sets a variable's attributes if the variable has attributes but is unset. bb. `declare' and `local' now have a -I option that inherits attributes and value from a variable with the same name at a previous scope. cc. When run from a -c command, `jobs' now reports the status of completed jobs. dd. New `U', `u', and `L' parameter transformations to convert to uppercase, convert first character to uppercase, and convert to lowercase, respectively. ee. PROMPT_COMMAND: can now be an array variable, each element of which can contain a command to be executed like a string PROMPT_COMMAND variable. ff. `ulimit' has a -R option to report and set the RLIMIT_RTTIME resource. gg. Associative arrays may be assigned using a list of key-value pairs within a compound assignment. Compound assignments where the words are not of the form [key]=value are assumed to be key-value assignments. A missing or empty key is an error; a missing value is treated as NULL. Assignments may not mix the two forms. hh. New `K' parameter transformation to display associative arrays as key- value pairs. ii. Writing history to syslog now handles messages longer than the syslog max length by writing multiple messages with a sequence number. jj. SECONDS and RANDOM may now be assigned using arithmetic expressions, since they are nominally integer variables. LINENO is not an integer variable. kk. Bash temporarily suppresses the verbose option when running the DEBUG trap while running a command from the `fc' builtin. ll. `wait -n' now accepts a list of job specifications as arguments and will wait for the first one in the list to change state. mm. The associative array implementation can now dynamically increase the size of the hash table based on insertion patterns. nn. HISTFILE is now readonly in a restricted shell. oo. The bash malloc now returns memory that is 16-byte aligned on 64-bit systems. pp. If the hash builtin is listing hashed filenames portably, don't print anything if the table is empty. qq. GLOBIGNORE now ignores `.' and `..' as a terminal pathname component. rr. Bash attempts to optimize away forks in the last command in a function body under appropriate circumstances. ss. The globbing code now uses fnmatch(3) to check collation elements (if available) even in cases without multibyte characters. tt. The `fg' and `bg' builtins now return an error in a command substitution when asked to restart a job inherited from the parent shell. uu. The shell now attempts to unlink all FIFOs on exit, whether a consuming process has finished with them or not. vv. There is a new contributed loadable builtin: asort. 2. New Features in Readline a. If a second consecutive completion attempt produces matches where the first did not, treat it as a new completion attempt and insert a match as appropriate. b. Bracketed paste mode works in more places: incremental search strings, vi overstrike mode, character search, and reading numeric arguments. c. Readline automatically switches to horizontal scrolling if the terminal has only one line. d. Unbinding all key sequences bound to a particular readline function now descends into keymaps for multi-key sequences. e. rl-clear-display: new bindable command that clears the screen and, if possible, the scrollback buffer (bound to emacs mode M-C-l by default). f. New active mark and face feature: when enabled, it will highlight the text inserted by a bracketed paste (the `active region') and the text found by incremental and non-incremental history searches. This is tied to bracketed paste and can be disabled by turning off bracketed paste. g. Readline sets the mark in several additional commands. h. Bracketed paste mode is enabled by default. i. Readline tries to take advantage of the more regular structure of UTF-8 characters to identify the beginning and end of characters when moving through the line buffer. j. The bindable operate-and-get-next command (and its default bindings) are now part of readline instead of a bash-specific addition. k. The signal cleanup code now blocks SIGINT while processing after a SIGINT.
-
GNU Bash 5.1 Released With New "SRANDOM" Variable As A New Means Of Randomness - Phoronix
Beyond the usual bug fixing, Readline updates, and other mostly mundane changes, one interesting addition to note with Bash 5.1 is the new SRANDOM variable. The SRANDOM variable provides random data from the system's entropy engine and cannot be reseeded. In particular, the SRANDOM variable provides a 32-bit random number that relies upon getrandom/getentropy -- with fall-backs to /dev/urandom or arc4random or even another fallback after that if necessary.
-
Bash 5.1 and Readline 8.1 released
Bash 5.1 is out. "This release fixes several outstanding bugs in bash-5.0 and introduces several new features. The most significant change is a return to the bash-4.4 behavior of not performing pathname expansion on a word that contains backslashes but does not contain any unquoted globbing special characters. This comes after a long POSIX discussion that resulted in a change to the standard. There are several changes regarding trap handling while reading from the terminal (e.g, for `read' and `select'.) There are a number of bug fixes, including several bugs that caused the shell to crash."
The readline library used in bash 5.1 has also been updated to version 8.1. "There are more improvements in the programming interface and new user-visible variables and bindable commands. There are a several new public API functions, but there should be no incompatible changes to existing APIs." -
Gnulib helps you avoid integer overflow vulnerabilities
Gnulib's intprops module has new macros INT_ADD_OK, INT_SUBTRACT_OK, and INT_MULTIPLY_OK that support portable overflow checking while doing integer arithmetic. On GNU platforms the macros typically use only a single machine instruction more than ordinary integer arithmetic would.
- Login or register to post comments
- Printer-friendly version
- 5256 reads
- PDF version
More in Tux Machines
- Highlights
- Front Page
- Latest Headlines
- Archive
- Recent comments
- All-Time Popular Stories
- Hot Topics
- New Members
digiKam 7.7.0 is releasedAfter three months of active maintenance and another bug triage, the digiKam team is proud to present version 7.7.0 of its open source digital photo manager. See below the list of most important features coming with this release. |
Dilution and Misuse of the "Linux" Brand
|
Samsung, Red Hat to Work on Linux Drivers for Future TechThe metaverse is expected to uproot system design as we know it, and Samsung is one of many hardware vendors re-imagining data center infrastructure in preparation for a parallel 3D world. Samsung is working on new memory technologies that provide faster bandwidth inside hardware for data to travel between CPUs, storage and other computing resources. The company also announced it was partnering with Red Hat to ensure these technologies have Linux compatibility. |
today's howtos
|
GNU/Bash 5.1 released with the random ${SRANDOM} number engine
GNU/Bash 5.1 released with the random ${SRANDOM} number engine
More on Bash-5.1
SD Times news digest: Apache Kafka 2.7.0, Bash-5.1, and System.Text.Json updates
Bash 5.1 brings back older behavior
Bash 5.1 brings back older behavior
Bash 5.1 Reworks Pathname Expansion
Bash 5.1 Reworks Pathname Expansion