Language Selection

English French German Italian Portuguese Spanish

GNU Release of GNU Bash 5.1 and Gnulib for Security

Filed under
GNU
  • Bash-5.1 release available
    Introduction
    ============
    
    The first public release of bash-5.1 is now available with the URLs
    
    ftp://ftp.cwru.edu/pub/bash/bash-5.1.tar.gz
    ftp://ftp.gnu.org/pub/gnu/bash/bash-5.1.tar.gz
    
    and from the master branch of the bash git repository
    (http://git.savannah.gnu.org/cgit/bash.git/log/)
    and the usual GNU mirror sites.
    
    Bash is the GNU Project's Bourne Again SHell, a complete
    implementation of the POSIX shell spec, but also with interactive
    command line editing, job control on architectures that support it,
    csh-like features such as history substitution and brace expansion,
    and a slew of other features.  For more information on the features
    of Bash that are new to this type of shell, see the file
    `doc/bashref.texi'.  There is also a large Unix-style man page.  The
    man page is the definitive description of the shell's features. 
    
    This tar file includes the formatted documentation (pdf, postscript,
    dvi, info, and html, plus nroffed versions of the manual pages). 
    
    Please use `bashbug' to report bugs with this version.  It is built
    and installed at the same time as bash.
    
    Installation
    ============
    
    Please read the README file first.
    
    Installation instructions are provided in the INSTALL file.
    
    New Features
    ============
    
    This is the fifth major release of bash.
    
    Read the file NEWS in the bash-5.1 distribution for a complete description
    of the new features.  A copy of the relevant portions is included below. 
    
    This release fixes several outstanding bugs in bash-5.0 and introduces
    several new features.  The most significant change is a return to the
    bash-4.4 behavior of not performing pathname expansion on a word that
    contains backslashes but does not contain any unquoted globbing special
    characters.  This comes after a long POSIX discussion that resulted in a
    change to the standard.  There are several changes regarding trap handling
    while reading from the terminal (e.g, for `read' and `select'.) There are a
    number of bug fixes, including several bugs that caused the shell to crash. 
    Details are appended. 
    
    The most notable new features are in the random number engine. There is a
    new variable, SRANDOM, which gets its random data from the system's entropy
    engine and so is not linear and cannot be reseeded to get an identical
    random sequence. The PROMPT_COMMANDS array variable can be used to run
    multiple commands before printing the primary prompt. Associative arrays may
    be assigned using a series of key-value pairs within a compound assignment.
    `wait' has a new `-p' option which stores PID information about the process
    reaped by `wait -n'. Process substitution is now available in posix mode.
    There are new parameter transformation operators. There is no new `compat50'
    option; use the BASH_COMPAT variable to select the compatibility level.
    All the new features are described below.
    
    The most visible new feature is in Readline: the addition of `faces', which
    highlights the text between the point and mark (the region, so this is also
    called the 'active region'). This was added to show visibly the text
    inserted by bracketed paste, and also marks the text found by incremental
    and non-incremental history searches.  Faces are currently tied to
    bracketed paste and are enabled and disabled along with bracketed paste
    mode.  Bracketed paste mode is enabled by default. 
    
    There are a few incompatible changes between bash-5.0 and bash-5.1. The
    change to pathname expansion means that words containing backslashes, but no
    special globbing characters, will not undergo pathname expansion. While
    the bash-5.0 behavior was POSIX-conformant, the change was not well-received.
    Changes to the random number engines mean that seeding RANDOM will produce
    a different numeric sequence. Set the compatibility level to 50 to revert
    to the bash-5.0 behavior.
    
    Bash can be linked against an already-installed Readline library rather
    than the private version in lib/readline if desired.  Only readline-8.1 and
    later versions are able to provide all of the symbols that bash-5.1 requires;
    earlier versions of the Readline library will not work correctly. 
    
    A complete list of changes between bash-5.0 and bash-5.1 is available in
    the file CHANGES; the complete list is too large to include in this
    message. 
    
    Readline
    ========
    
    Also available is a new release of the standalone Readline library,
    version 8.1, with its own configuration scripts and Makefiles. 
    It can be retrieved with the URLs
    
    ftp://ftp.cwru.edu/pub/bash/readline-8.1.tar.gz
    ftp://ftp.gnu.org/pub/gnu/readline/readline-8.1.tar.gz
    
    and from the master branch of the GNU readline git repository
    (http://git.savannah.gnu.org/cgit/readline.git/log/)
    and the usual GNU mirror sites.
    
    The formatted Readline documentation is included in the readline
    distribution tar file.
    
    A separate announcement listing the changes in Readline is being
    distributed.
    
    As always, thanks for your help.
    
    Chet
    
    +========== NEWS ==========+
    This is a terse description of the new features added to bash-5.1 since
    the release of bash-5.0.  As always, the manual page (doc/bash.1) is
    the place to look for complete descriptions.
    
    1. New Features in Bash
    
    a. `bind -x' now supports different bindings for different editing modes and
       keymaps.
    
    b. Bash attempts to optimize the number of times it forks when executing
       commands in subshells and from `bash -c'.
    
    c. Here documents and here strings now use pipes for the expanded document if
       it's smaller than the pipe buffer size, reverting to temporary files if it's
       larger.
    
    d. There are new loadable builtins: mktemp, accept, mkfifo, csv, cut/lcut
    
    e. In posix mode, `trap -p' now displays signals whose disposition is SIG_DFL
       and those that were SIG_IGN when the shell starts.
    
    f. The shell now expands the history number (e.g., in PS1) even if it is not
       currently saving commands to the history list.
    
    g. `read -e' may now be used with arbitrary file descriptors (`read -u N').
    
    h. The `select' builtin now runs traps if its internal call to the read builtin
       is interrupted by a signal.
    
    i. SRANDOM: a new variable that expands to a 32-bit random number that is not
       produced by an LCRNG, and uses getrandom/getentropy, falling back to
       /dev/urandom or arc4random if available. There is a fallback generator if
       none of these are available.
    
    j. shell-transpose-words: a new bindable readline command that uses the same
       definition of word as shell-forward-word, etc.
    
    k. The shell now adds default bindings for shell-forward-word,
       shell-backward-word, shell-transpose-words, and shell-kill-word.
    
    l. Bash now allows ARGV0 appearing in the initial shell environment to set $0.
    
    m. If `unset' is executed without option arguments, bash tries to unset a shell
       function if a name argument cannot be a shell variable name because it's not
       an identifier.
    
    n. The `test -N' operator uses nanosecond timestamp granularity if it's
       available.
    
    o. Bash posix mode now treats assignment statements preceding shell function
       definitions the same as in its default mode, since POSIX has changed and
       no longer requires those assignments to persist after the function returns
       (POSIX interp 654).
    
    p. BASH_REMATCH is no longer readonly.
    
    q. wait: has a new -p VARNAME option, which stores the PID returned by `wait -n'
       or `wait' without arguments.
    
    r. Sorting the results of pathname expansion now uses byte-by-byte comparisons
       if two strings collate equally to impose a total order; the result of a
       POSIX interpretation.
    
    s. Bash now allows SIGINT trap handlers to execute recursively.
    
    t. Bash now saves and restores state around setting and unsetting posix mode,
       instead of having unsetting posix mode set a known state.
    
    u. Process substitution is now available in posix mode.
    
    v. READLINE_MARK: a new variable available while executing commands bound with
       `bind -x', contains the value of the mark.
    
    w. Bash removes SIGCHLD from the set of blocked signals if it's blocked at shell
       startup.
    
    x. `test -v N' can now test whether or not positional parameter N is set.
    
    y. `local' now honors the `-p' option to display all local variables at the
        current context.
    
    z. The `@a' variable transformation now prints attributes for unset array
       variables.
    
    aa. The `@A' variable transformation now prints a declare command that sets a
        variable's attributes if the variable has attributes but is unset.
    
    bb. `declare' and `local' now have a -I option that inherits attributes and
        value from a variable with the same name at a previous scope.
    
    cc. When run from a -c command, `jobs' now reports the status of completed jobs.
    
    dd. New `U', `u', and `L' parameter transformations to convert to uppercase,
        convert first character to uppercase, and convert to lowercase,
        respectively.
    
    ee. PROMPT_COMMAND: can now be an  array variable, each element of which can
        contain a command to be executed like a string PROMPT_COMMAND variable.
    
    ff. `ulimit' has a -R option to report and set the RLIMIT_RTTIME resource.
    
    gg. Associative arrays may be assigned using a list of key-value pairs within
        a compound assignment. Compound assignments where the words are not of
        the form [key]=value are assumed to be key-value assignments. A missing or
        empty key is an error; a missing value is treated as NULL. Assignments may
        not mix the two forms.
    
    hh. New `K' parameter transformation to display associative arrays as key-
        value pairs.
    
    ii. Writing history to syslog now handles messages longer than the syslog max
        length by writing multiple messages with a sequence number.
    
    jj. SECONDS and RANDOM may now be assigned using arithmetic expressions, since
        they are nominally integer variables. LINENO is not an integer variable.
    
    kk. Bash temporarily suppresses the verbose option when running the DEBUG trap
        while running a command from the `fc' builtin.
    
    ll. `wait -n' now accepts a list of job specifications as arguments and will
        wait for the first one in the list to change state.
    
    mm. The associative array implementation can now dynamically increase the
        size of the hash table based on insertion patterns.
    
    nn. HISTFILE is now readonly in a restricted shell.
    
    oo. The bash malloc now returns memory that is 16-byte aligned on 64-bit
        systems.
    
    pp. If the hash builtin is listing hashed filenames portably, don't print
       anything if the table is empty.
    
    qq. GLOBIGNORE now ignores `.' and `..' as a terminal pathname component.
    
    rr. Bash attempts to optimize away forks in the last command in a function body
        under appropriate circumstances.
    
    ss. The globbing code now uses fnmatch(3) to check collation elements (if
        available) even in cases without multibyte characters.
    
    tt. The `fg' and `bg' builtins now return an error in a command substitution
        when asked to restart a job inherited from the parent shell.
    
    uu. The shell now attempts to unlink all FIFOs on exit, whether a consuming
        process has finished with them or not.
    
    vv. There is a new contributed loadable builtin: asort.
    
    2. New Features in Readline
    
    a. If a second consecutive completion attempt produces matches where the first
       did not, treat it as a new completion attempt and insert a match as
       appropriate.
    
    b. Bracketed paste mode works in more places: incremental search strings, vi
       overstrike mode, character search, and reading numeric arguments.
    
    c. Readline automatically switches to horizontal scrolling if the terminal has
       only one line.
    
    d. Unbinding all key sequences bound to a particular readline function now
       descends into keymaps for multi-key sequences.
    
    e. rl-clear-display: new bindable command that clears the screen and, if
       possible, the scrollback buffer (bound to emacs mode M-C-l by default).
    
    f. New active mark and face feature: when enabled, it will highlight the text
       inserted by a bracketed paste (the `active region') and the text found by
       incremental and non-incremental history searches. This is tied to bracketed
       paste and can be disabled by turning off bracketed paste.
    
    g. Readline sets the mark in several additional commands.
    
    h. Bracketed paste mode is enabled by default.
    
    i. Readline tries to take advantage of the more regular structure of UTF-8
       characters to identify the beginning and end of characters when moving
       through the line buffer.
    
    j. The bindable operate-and-get-next command (and its default bindings) are
       now part of readline instead of a bash-specific addition.
    
    k. The signal cleanup code now blocks SIGINT while processing after a SIGINT.
    
    
  • GNU Bash 5.1 Released With New "SRANDOM" Variable As A New Means Of Randomness - Phoronix

    Beyond the usual bug fixing, Readline updates, and other mostly mundane changes, one interesting addition to note with Bash 5.1 is the new SRANDOM variable. The SRANDOM variable provides random data from the system's entropy engine and cannot be reseeded. In particular, the SRANDOM variable provides a 32-bit random number that relies upon getrandom/getentropy -- with fall-backs to /dev/urandom or arc4random or even another fallback after that if necessary.

  • Bash 5.1 and Readline 8.1 released

    Bash 5.1 is out. "This release fixes several outstanding bugs in bash-5.0 and introduces several new features. The most significant change is a return to the bash-4.4 behavior of not performing pathname expansion on a word that contains backslashes but does not contain any unquoted globbing special characters. This comes after a long POSIX discussion that resulted in a change to the standard. There are several changes regarding trap handling while reading from the terminal (e.g, for `read' and `select'.) There are a number of bug fixes, including several bugs that caused the shell to crash."
    The readline library used in bash 5.1 has also been updated to version 8.1. "There are more improvements in the programming interface and new user-visible variables and bindable commands. There are a several new public API functions, but there should be no incompatible changes to existing APIs."

  • Gnulib helps you avoid integer overflow vulnerabilities

    Gnulib's intprops module has new macros INT_ADD_OK, INT_SUBTRACT_OK, and INT_MULTIPLY_OK that support portable overflow checking while doing integer arithmetic. On GNU platforms the macros typically use only a single machine instruction more than ordinary integer arithmetic would.

GNU/Bash 5.1 released with the random ${SRANDOM} number engine

  • GNU/Bash 5.1 released with the random ${SRANDOM} number engine

    Current GNU/Bash maintainer Chet Ramey announced the latest major release, Bash 5.1, on December 7th, 2020. Bash is the default shell on many Linux distros and popular among developers, especially those working with Linux containers. It is the fifth major release of bash. It came with a new enhanced random number generation and added a new variable called SRANDOM. Let us see how to install and use newly released GNU/BASH 5.1 on Linux.

    [...]

    Apart from enhanced random number generation and added a new variable called $SRANDOM in GNU/Bash 5.1, we see many other minor enhancements. Head over to the GNU bash project homepage to grab the latest software.

More on Bash-5.1

  • SD Times news digest: Apache Kafka 2.7.0, Bash-5.1, and System.Text.Json updates

    Bash is a GNU project bourne again shell that features interactive command line editing, job control, support for csh-like features, and history substitution.

    The release also includes several outstanding bug fixes. In a post, the team explained the biggest change is “a return to the bash-4.4 behavior of not performing pathname expansion on a word that contains backslashes but does not contain any unquoted globbing special characters.”

Bash 5.1 brings back older behavior

  • Bash 5.1 brings back older behavior

    Bash 5.1, described as the fifth major release of the Unix and Linux shell in a release bulletin, was published earlier this month, featuring a return to Bash 4.4 behavior regarding pathname expansion.

    Called the most significant change in the new release, the return to Bash 4.4 behavior involves not performing pathname expansion on a word that contains backslashes but does not contain unquoted globbing special characters. The Bash 5.1 release also introduces changes in trap handling while reading from the terminal, and it fixes a number of bugs including several that caused the shell to crash.

Bash 5.1 Reworks Pathname Expansion

  • Bash 5.1 Reworks Pathname Expansion

    The fifth major release of Bash has been released with improvements including a rework of the way pathname expansion is handled.

    Bash is the GNU Project's Bourne Again SHell, a complete implementation of the POSIX shell spec. It also comes with interactive command line editing, job control on architectures that support it, csh-like features such as history substitution and brace expansion.

    The most significant change to the new version is the result of bash users complaining about the way the previous release handled particular varieties of pathnames. This was discussed at length on POSIX.

    Bash 5.1 now handles pathname expansion in the same way bash-4.4 used to. In other words, text is not expanded as a pathname if the word contains backslashes but does not contain any unquoted globbing special characters.

    The new release also has changes to trap handling when reading from the terminal such as when performing reads and selects, with several bug fixes to fix bugs that caused the shell to crash.

    Another improvement is to the random number engine. There's a new variable, SRANDOM, that gets its random data from the system's entropy engine. This means it avoids being linear and cannot be reseeded to get an identical random sequence.

    Array handling has also been improved, with a new array variable that can be used to run multiple commands before printing the primary prompt. You can also assign a series of key-value pairs within a compound assignment.

Comment viewing options

Select your preferred way to display the comments and click "Save settings" to activate your changes.

More in Tux Machines

digiKam 7.7.0 is released

After three months of active maintenance and another bug triage, the digiKam team is proud to present version 7.7.0 of its open source digital photo manager. See below the list of most important features coming with this release. Read more

Dilution and Misuse of the "Linux" Brand

Samsung, Red Hat to Work on Linux Drivers for Future Tech

The metaverse is expected to uproot system design as we know it, and Samsung is one of many hardware vendors re-imagining data center infrastructure in preparation for a parallel 3D world. Samsung is working on new memory technologies that provide faster bandwidth inside hardware for data to travel between CPUs, storage and other computing resources. The company also announced it was partnering with Red Hat to ensure these technologies have Linux compatibility. Read more

today's howtos

  • How to install go1.19beta on Ubuntu 22.04 – NextGenTips

    In this tutorial, we are going to explore how to install go on Ubuntu 22.04 Golang is an open-source programming language that is easy to learn and use. It is built-in concurrency and has a robust standard library. It is reliable, builds fast, and efficient software that scales fast. Its concurrency mechanisms make it easy to write programs that get the most out of multicore and networked machines, while its novel-type systems enable flexible and modular program constructions. Go compiles quickly to machine code and has the convenience of garbage collection and the power of run-time reflection. In this guide, we are going to learn how to install golang 1.19beta on Ubuntu 22.04. Go 1.19beta1 is not yet released. There is so much work in progress with all the documentation.

  • molecule test: failed to connect to bus in systemd container - openQA bites

    Ansible Molecule is a project to help you test your ansible roles. I’m using molecule for automatically testing the ansible roles of geekoops.

  • How To Install MongoDB on AlmaLinux 9 - idroot

    In this tutorial, we will show you how to install MongoDB on AlmaLinux 9. For those of you who didn’t know, MongoDB is a high-performance, highly scalable document-oriented NoSQL database. Unlike in SQL databases where data is stored in rows and columns inside tables, in MongoDB, data is structured in JSON-like format inside records which are referred to as documents. The open-source attribute of MongoDB as a database software makes it an ideal candidate for almost any database-related project. This article assumes you have at least basic knowledge of Linux, know how to use the shell, and most importantly, you host your site on your own VPS. The installation is quite simple and assumes you are running in the root account, if not you may need to add ‘sudo‘ to the commands to get root privileges. I will show you the step-by-step installation of the MongoDB NoSQL database on AlmaLinux 9. You can follow the same instructions for CentOS and Rocky Linux.

  • An introduction (and how-to) to Plugin Loader for the Steam Deck. - Invidious
  • Self-host a Ghost Blog With Traefik

    Ghost is a very popular open-source content management system. Started as an alternative to WordPress and it went on to become an alternative to Substack by focusing on membership and newsletter. The creators of Ghost offer managed Pro hosting but it may not fit everyone's budget. Alternatively, you can self-host it on your own cloud servers. On Linux handbook, we already have a guide on deploying Ghost with Docker in a reverse proxy setup. Instead of Ngnix reverse proxy, you can also use another software called Traefik with Docker. It is a popular open-source cloud-native application proxy, API Gateway, Edge-router, and more. I use Traefik to secure my websites using an SSL certificate obtained from Let's Encrypt. Once deployed, Traefik can automatically manage your certificates and their renewals. In this tutorial, I'll share the necessary steps for deploying a Ghost blog with Docker and Traefik.