This is the mail archive of the cygwin mailing list for the Cygwin project.

Index Nav: [Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav: [Date Prev] [Date Next] [Thread Prev] [Thread Next]
Other format: [Raw text]

Re: New bash vulnerability.

Am 24.09.2014, 19:53 Uhr, schrieb Eric Blake:

On 09/24/2014 12:12 PM, David Young wrote:

I've been seeing some traffic on this new bash vulnerability and
wanted to know if cygwin team will be updating bash with these

Already done.  Upgrade to 4.1.12-5.

Alternatively, is there a build guide that I can use to compile
bash-src with this patch myself?  After extracting the cygwin bash-src

Haven't looked at cygport, but bash builds nearly out-of-the box from the original sources:


Only change is


in config.h. That is because sigsetjmp is a macro in /usr/include/machine/setjmp.h using setjmp and setjmp is a marco in bash somewhere using sigsetjmp if I recall right. This should be fixed in the cygwin-header.

1144/usr/src/bash/bash#bash --version
GNU bash, version 4.3.24(13)-release (i686-pc-cygwin)
Copyright (C) 2013 Free Software Foundation, Inc.
License GPLv3+: GNU GPL version 3 or later <>

This is free software; you are free to change and redistribute it.
There is NO WARRANTY, to the extent permitted by law.



Problem reports:
Unsubscribe info:

Index Nav: [Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav: [Date Prev] [Date Next] [Thread Prev] [Thread Next]