From proff Wed Aug 28 10:36:16 1996 Received: (proff@localhost) by suburbia.net (8.7.4/Proff-950810) id KAA16823 for best-of-security; Wed, 28 Aug 1996 10:36:16 +1000 Received: from ns2.harborcom.net (root@ns2.harborcom.net [206.158.4.4]) by suburbia.net (8.7.4/Proff-950810) with ESMTP id EAA25879 for ; Wed, 28 Aug 1996 04:51:18 +1000 Received: from freefall.freebsd.org (freefall.FreeBSD.ORG [204.216.27.4]) by ns2.harborcom.net (8.7.4/8.6.12) with ESMTP id OAA00683; Tue, 27 Aug 1996 14:29:18 -0400 (EDT) Received: from localhost (daemon@localhost) by freefall.freebsd.org (8.7.5/8.7.3) with SMTP id LAA18869; Tue, 27 Aug 1996 11:13:41 -0700 (PDT) Received: (from root@localhost) by freefall.freebsd.org (8.7.5/8.7.3) id LAA18820 for hackers-outgoing; Tue, 27 Aug 1996 11:12:54 -0700 (PDT) Received: from who.cdrom.com (who.cdrom.com [204.216.27.3]) by freefall.freebsd.org (8.7.5/8.7.3) with ESMTP id LAA18815 for ; Tue, 27 Aug 1996 11:12:52 -0700 (PDT) Received: from odin.INS.CWRU.Edu (odin.INS.CWRU.Edu [129.22.8.102]) by who.cdrom.com (8.7.5/8.6.11) with ESMTP id LAA00298 for ; Tue, 27 Aug 1996 11:12:49 -0700 (PDT) Received: (chet@localhost) by odin.INS.CWRU.Edu (8.6.12+cwru/CWRU-2.2-ins) id OAA20755; Tue, 27 Aug 1996 14:11:02 -0400 (from chet for freebsd-hackers@freefall.freebsd.org) Date: Tue, 27 Aug 1996 14:11:02 -0400 From: Chet Ramey To: freebsd-hackers@freefall.freebsd.org Subject: Bash-1.14.7 released Reply-To: chet@po.CWRU.Edu Message-ID: <9608271806.AA20440.SM@odin.INS.CWRU.Edu> Read-Receipt-To: chet@po.CWRU.Edu MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Sender: proff X-Loop: FreeBSD.org Precedence: bulk The seventh patch release of Bash-1.14 is available for anonymous FTP with the URL ftp://slc2.ins.cwru.edu/pub/dist/bash-1.14.7.tar.gz Diffs from version 1.14.6 are available as ftp://slc2.ins.cwru.edu/pub/dist/bash-1.14.6-1.14.7.diff.gz A document describing the fixes made in bash-1.14.7 is in the file NEWS in the distribution. A copy is appended. This release adds no new features and fixes two bugs. It's being made as a result of the recent security problem. To apply diffs to an existing bash-1.14.6 installation to bring it up to 1.14.7, cd to the bash-1.14.6 source directory and type `patch -p1 < patch-file'. These files will soon be available for anonymous FTP from the usual GNU archives. Bug reports concerning bash may be sent to bug-bash@prep.ai.mit.edu. There is a `bashbug' program in the distribution that should be used to report bugs. ========== NEWS ========== This file documents the bugs fixed between this release, bash-1.14.7, and the last public bash release, 1.14.6. 1. Bugs fixed in Bash a. A memory leak that caused long-running scripts to eventually consume all available memory was fixed. b. A sign-extension bug that caused a security hole for non-interactive shells was fixed. -- ``The lyf so short, the craft so long to lerne.'' - Chaucer Chet Ramey, Case Western Reserve University Internet: chet@po.CWRU.Edu