New bash vulnerability.
Thu Sep 25 04:49:00 GMT 2014
Am 24.09.2014, 19:53 Uhr, schrieb Eric Blake:
> On 09/24/2014 12:12 PM, David Young wrote:
>> I've been seeing some traffic on this new bash vulnerability and
>> wanted to know if cygwin team will be updating bash with these
> Already done. Upgrade to 4.1.12-5.
>> Alternatively, is there a build guide that I can use to compile
>> bash-src with this patch myself? After extracting the cygwin bash-src
Haven't looked at cygport, but bash builds nearly out-of-the box from the
Only change is
/*#define HAVE_POSIX_SIGSETJMP 1*/
in config.h. That is because sigsetjmp is a macro in
/usr/include/machine/setjmp.h using setjmp and setjmp is a marco in bash
somewhere using sigsetjmp if I recall right. This should be fixed in the
GNU bash, version 4.3.24(13)-release (i686-pc-cygwin)
Copyright (C) 2013 Free Software Foundation, Inc.
License GPLv3+: GNU GPL version 3 or later
This is free software; you are free to change and redistribute it.
There is NO WARRANTY, to the extent permitted by law.
Problem reports: http://cygwin.com/problems.html
Unsubscribe info: http://cygwin.com/ml/#unsubscribe-simple
More information about the Cygwin