RHBA-2008:0380 - Bug Fix Advisory

Topic

An updated bash package that fixes several bugs is now available.

Description

Bash is the default shell for Red Hat Enterprise Linux.

This updated package fixes the following bugs:

• bash did not close two-digit or more file descriptors, such as

"[n]<&-". In this updated package, file descriptors work as expected.

• the "/etc/skel/.bash_logout" file invoked the "clear" command. This

could break if a user changed their "$PATH" variable. In this updated
package, "/etc/skel/.bash_logout" calls the "clear" command using the full
path, "/usr/bin/clear", which resolves this issue.

• in certain situations, on systems using UTF-8 locales, starting an

incremental backwards search using "Crtl+R", and then cancelling the search
using "Ctrl+G", resulted in the cursor being in the wrong position, for
example, over the bash prompt text, as exported using the "$PS1" variable.

• the bash man page has been updated to reflect the correct behavior of

special built-in commands, such as "eval", "exec", and "set", when using
the "posix" mode.

• the bash man page stated that the maximum resident set size could be set

using the "ulimit -m" option; however, this option does not have any affect
on Linux, and as such, this option has been removed from the bash man page.

• the bash man page has been updated to explain bash's use of aliases in

non-interactive scripts.

• bash had problems handling certain multibyte strings in the command line,

which could have caused a segmentation fault.

• certain expressions in parameter expansions caused a double-free error,

and caused bash to crash.

• bash mishandled sub-processes that used recycled PIDs. Bash did not wait

for processes using a recycled PID to finish, causing, for example, sleep
to have no effect. This issue may have affected other commands.

As well, this updated package upgrades bash to version 3.2. For a full list
of bug fixes and enhancements, please refere to the bash 3.2 changelog:
http://tiswww.tis.case.edu/~chet/bash/CHANGES

Note: this changelog will be updated after future bash releases.

Users of bash are advised to upgrade to this updated package, which
resolves these issues.

Solution

Before applying this update, make sure that all previously-released
errata relevant to your system have been applied.

This update is available via Red Hat Network. Details on how to use
the Red Hat Network to apply this update are available at
http://kbase.redhat.com/faq/FAQ_58_10188

Affected Products

• Red Hat Enterprise Linux Server 5 x86_64
• Red Hat Enterprise Linux Server 5 ia64
• Red Hat Enterprise Linux Server 5 i386
• Red Hat Enterprise Linux Workstation 5 x86_64
• Red Hat Enterprise Linux Workstation 5 i386
• Red Hat Enterprise Linux Desktop 5 x86_64
• Red Hat Enterprise Linux Desktop 5 i386
• Red Hat Enterprise Linux for IBM z Systems 5 s390x
• Red Hat Enterprise Linux for Power, big endian 5 ppc
• Red Hat Enterprise Linux Server from RHUI 5 x86_64
• Red Hat Enterprise Linux Server from RHUI 5 i386

Fixes

• BZ - 217394 - bash does not close filehandles when asked.
• BZ - 223963 - .bash_logout: use full path for 'clear'
• BZ - 242683 - Bad position of cursor in bash
• BZ - 245641 - [RHEL5 Doc]: Certain bash commands have differing behavior when run as "sh" vs. "bash"
• BZ - 249566 - 'ulimit -m' does not limit Resident Set Size
• BZ - 253673 - Bash man page correction for alias expansion.
• BZ - 380421 - tracker bug for bash 3.2 rebase

CVEs

(none)

References

(none)