Adding debian version 5.2.15-2.debian/5.2.15-2debian

Signed-off-by: Daniel Baumann <daniel.baumann@progress-linux.org>

36 files changed, 2019 insertions, 0 deletions

diff --git a/debian/patches/bash-aliases-repeat.diff b/debian/patches/bash-aliases-repeat.diff
new file mode 100644
index 0000000..e805473
--- /dev/null
+++ b/debian/patches/bash-aliases-repeat.diff
@@ -0,0 +1,28 @@
+# DP: Fix bug in Bash_aliases example.
+
+--- a/examples/startup-files/Bash_aliases
++++ b/examples/startup-files/Bash_aliases
+@@ -41,20 +41,20 @@
+ { 
+     local count="$1" i;
+     shift;
+-    for i in $(seq 1 "$count");
++    for i in $(_seq 1 "$count");
+     do
+         eval "$@";
+     done
+ }
+ 
+ # Subfunction needed by `repeat'.
+-seq ()
++_seq ()
+ { 
+     local lower upper output;
+     lower=$1 upper=$2;
+ 
+     if [ $lower -ge $upper ]; then return; fi
+-    while [ $lower -le $upper ];
++    while [ $lower -lt $upper ];
+     do
+ 	echo -n "$lower "
+         lower=$(($lower + 1))
diff --git a/debian/patches/bash-default-editor.diff b/debian/patches/bash-default-editor.diff
new file mode 100644
index 0000000..0784aa5
--- /dev/null
+++ b/debian/patches/bash-default-editor.diff
@@ -0,0 +1,31 @@
+# DP: Use `command -v editor`, as an editor, if available.
+
+--- a/bashline.c
++++ b/bashline.c
+@@ -936,8 +936,8 @@ hostnames_matching (text)
+    command being entered (if no explicit argument is given), otherwise on
+    a command from the history file. */
+ 
+-#define VI_EDIT_COMMAND		"fc -e \"${VISUAL:-${EDITOR:-vi}}\""
+-#define EMACS_EDIT_COMMAND	"fc -e \"${VISUAL:-${EDITOR:-emacs}}\""
++#define VI_EDIT_COMMAND		"fc -e \"${VISUAL:-${EDITOR:-$(command -v editor || echo vi)}}\""
++#define EMACS_EDIT_COMMAND	"fc -e \"${VISUAL:-${EDITOR:-$(command -v editor || echo emacs)}}\""
+ #define POSIX_VI_EDIT_COMMAND	"fc -e vi"
+ 
+ static int
+--- a/builtins/fc.def
++++ b/builtins/fc.def
+@@ -171,11 +171,11 @@ set_verbose_flag ()
+ }
+ 
+ /* String to execute on a file that we want to edit. */
+-#define FC_EDIT_COMMAND "${FCEDIT:-${EDITOR:-vi}}"
++#define FC_EDIT_COMMAND "${FCEDIT:-${EDITOR:-$(command -v editor || echo vi)}}"
+ #if defined (STRICT_POSIX)
+ #  define POSIX_FC_EDIT_COMMAND "${FCEDIT:-ed}"
+ #else
+-#  define POSIX_FC_EDIT_COMMAND "${FCEDIT:-${EDITOR:-ed}}"
++#  define POSIX_FC_EDIT_COMMAND "${FCEDIT:-${EDITOR:-$(command -v editor || echo ed)}}"
+ #endif
+ 
+ int
diff --git a/debian/patches/bash-musl.diff b/debian/patches/bash-musl.diff
new file mode 100644
index 0000000..9f3cb1e
--- /dev/null
+++ b/debian/patches/bash-musl.diff
@@ -0,0 +1,11 @@
+--- a/m4/strtoimax.m4
++++ b/m4/strtoimax.m4
+@@ -29,7 +29,7 @@
+   fi
+ ])
+ AC_MSG_RESULT($bash_cv_func_strtoimax)
+-if test $bash_cv_func_strtoimax = yes; then
++if test $bash_cv_func_strtoimax = no; then
+ AC_LIBOBJ(strtoimax)
+ fi
+ ])
diff --git a/debian/patches/bash52-001.diff b/debian/patches/bash52-001.diff
new file mode 100644
index 0000000..b4a3953
--- /dev/null
+++ b/debian/patches/bash52-001.diff
@@ -0,0 +1,35 @@
+			     BASH PATCH REPORT
+			     =================
+
+Bash-Release:	5.2
+Patch-ID:	bash52-001
+
+Bug-Reported-by:	Emanuele Torre <torreemanuele6@gmail.com>
+Bug-Reference-ID:	<CAA7hNqeR1eSdiGK8mjQSqJPo815JYoG-Ekz-5PrAJTEYy2e6hg@mail.gmail.com>
+Bug-Reference-URL:	https://lists.gnu.org/archive/html/bug-bash/2022-09/msg00060.html
+
+Bug-Description:
+
+Expanding unset arrays in an arithmetic context can cause a segmentation fault.
+
+--- a/patchlevel.h
++++ b/patchlevel.h
+@@ -25,6 +25,6 @@
+    regexp `^#define[ 	]*PATCHLEVEL', since that's what support/mkversion.sh
+    looks for to find the patch level (for the sccs version string). */
+ 
+-#define PATCHLEVEL 0
++#define PATCHLEVEL 1
+ 
+ #endif /* _PATCHLEVEL_H_ */
+--- a/subst.c
++++ b/subst.c
+@@ -10857,7 +10857,7 @@ expand_array_subscript (string, sindex,
+   exp = substring (string, si+1, ni);
+   t = expand_subscript_string (exp, quoted & ~(Q_ARITH|Q_DOUBLE_QUOTES));
+   free (exp);
+-  exp = sh_backslash_quote (t, abstab, 0);
++  exp = t ? sh_backslash_quote (t, abstab, 0) : savestring ("");
+   free (t);
+ 
+   slen = STRLEN (exp);
diff --git a/debian/patches/bash52-002.diff b/debian/patches/bash52-002.diff
new file mode 100644
index 0000000..a548800
--- /dev/null
+++ b/debian/patches/bash52-002.diff
@@ -0,0 +1,38 @@
+			     BASH PATCH REPORT
+			     =================
+
+Bash-Release:	5.2
+Patch-ID:	bash52-002
+
+Bug-Reported-by:	Kan-Ru Chen <koster@debian.org>
+Bug-Reference-ID:
+Bug-Reference-URL:	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1021109
+
+Bug-Description:
+
+Starting bash with an invalid locale specification for LC_ALL/LANG/LC_CTYPE
+can cause the shell to crash.
+
+--- a/lib/readline/nls.c
++++ b/lib/readline/nls.c
+@@ -141,6 +141,10 @@ _rl_init_locale (void)
+   if (lspec == 0)
+     lspec = "";
+   ret = setlocale (LC_CTYPE, lspec);	/* ok, since it does not change locale */
++  if (ret == 0 || *ret == 0)
++    ret = setlocale (LC_CTYPE, (char *)NULL);
++  if (ret == 0 || *ret == 0)
++    ret = RL_DEFAULT_LOCALE;
+ #else
+   ret = (lspec == 0 || *lspec == 0) ? RL_DEFAULT_LOCALE : lspec;
+ #endif
+--- a/patchlevel.h
++++ b/patchlevel.h
+@@ -25,6 +25,6 @@
+    regexp `^#define[ 	]*PATCHLEVEL', since that's what support/mkversion.sh
+    looks for to find the patch level (for the sccs version string). */
+ 
+-#define PATCHLEVEL 1
++#define PATCHLEVEL 2
+ 
+ #endif /* _PATCHLEVEL_H_ */
diff --git a/debian/patches/bash52-003.diff b/debian/patches/bash52-003.diff
new file mode 100644
index 0000000..c81c8f2
--- /dev/null
+++ b/debian/patches/bash52-003.diff
@@ -0,0 +1,74 @@
+			     BASH PATCH REPORT
+			     =================
+
+Bash-Release:	5.2
+Patch-ID:	bash52-003
+
+Bug-Reported-by:	 D630 <d630@posteo.net>
+Bug-Reference-ID:	<cf8523d58ac75b9ffba9519faa175618@posteo.de>
+Bug-Reference-URL:	https://lists.gnu.org/archive/html/bug-bash/2022-10/msg00092.html
+
+Bug-Description:
+
+Command substitutions need to preserve newlines instead of replacing them
+with semicolons, especially in the presence of multiple here-documents.
+
+--- a/patchlevel.h
++++ b/patchlevel.h
+@@ -25,6 +25,6 @@
+    regexp `^#define[ 	]*PATCHLEVEL', since that's what support/mkversion.sh
+    looks for to find the patch level (for the sccs version string). */
+ 
+-#define PATCHLEVEL 2
++#define PATCHLEVEL 3
+ 
+ #endif /* _PATCHLEVEL_H_ */
+--- a/print_cmd.c
++++ b/print_cmd.c
+@@ -297,10 +297,12 @@ make_command_string_internal (command)
+ 	    case '\n':				/* special case this */
+ 	      {
+ 		char c = command->value.Connection->connector;
++		int was_newline;
+ 
+ 		s[0] = printing_comsub ? c : ';';
+ 		s[1] = '\0';
+ 
++		was_newline = deferred_heredocs == 0 && was_heredoc == 0 && c == '\n';
+ 		if (deferred_heredocs == 0)
+ 		  {
+ 		    if (was_heredoc == 0)
+@@ -314,6 +316,8 @@ make_command_string_internal (command)
+ 
+ 		if (inside_function_def)
+ 		  cprintf ("\n");
++		else if (printing_comsub && c == '\n' && was_newline == 0)
++		  cprintf ("\n");	/* preserve newlines in comsubs but don't double them */
+ 		else
+ 		  {
+ 		    if (c == ';')
+@@ -1365,7 +1369,11 @@ print_function_def (func)
+       cmdcopy->redirects = func_redirects;
+     }
+   else
+-    newline ("}");
++    {
++      /* { */
++      newline ("}");
++      was_heredoc = 0;		/* not printing any here-documents now */
++    }
+ 
+   dispose_command (cmdcopy);
+ }
+@@ -1442,7 +1450,10 @@ named_function_string (name, command, fl
+       cmdcopy->redirects = func_redirects;
+     }
+   else
+-    newline ("}");
++    {	/* { */
++      newline ("}");
++      was_heredoc = 0;
++    }
+ 
+   result = the_printed_command;
+ 
diff --git a/debian/patches/bash52-004.diff b/debian/patches/bash52-004.diff
new file mode 100644
index 0000000..4309e61
--- /dev/null
+++ b/debian/patches/bash52-004.diff
@@ -0,0 +1,63 @@
+			     BASH PATCH REPORT
+			     =================
+
+Bash-Release:	5.2
+Patch-ID:	bash52-004
+
+Bug-Reported-by:	Antoine <bug-bash@glitchimini.net>
+Bug-Reference-ID:	<8bd59753-05ff-9b09-2337-2c7f52ded650@glitchimini.net>
+Bug-Reference-URL:	https://lists.gnu.org/archive/html/bug-bash/2022-10/msg00022.html
+
+Bug-Description:
+
+Bash needs to keep better track of nested brace expansions to avoid problems
+with quoting and POSIX semantics.
+
+--- a/patchlevel.h
++++ b/patchlevel.h
+@@ -25,6 +25,6 @@
+    regexp `^#define[ 	]*PATCHLEVEL', since that's what support/mkversion.sh
+    looks for to find the patch level (for the sccs version string). */
+ 
+-#define PATCHLEVEL 3
++#define PATCHLEVEL 4
+ 
+ #endif /* _PATCHLEVEL_H_ */
+--- a/subst.c
++++ b/subst.c
+@@ -1798,6 +1798,9 @@ extract_heredoc_dolbrace_string (string,
+   return (result);
+ }
+ 
++#define PARAMEXPNEST_MAX	32	// for now
++static int dbstate[PARAMEXPNEST_MAX];
++
+ /* Extract a parameter expansion expression within ${ and } from STRING.
+    Obey the Posix.2 rules for finding the ending `}': count braces while
+    skipping over enclosed quoted strings and command substitutions.
+@@ -1828,6 +1831,8 @@ extract_dollar_brace_string (string, sin
+   if (quoted == Q_HERE_DOCUMENT && dolbrace_state == DOLBRACE_QUOTE && (flags & SX_NOALLOC) == 0)
+     return (extract_heredoc_dolbrace_string (string, sindex, quoted, flags));
+ 
++  dbstate[0] = dolbrace_state;
++
+   pass_character = 0;
+   nesting_level = 1;
+   slen = strlen (string + *sindex) + *sindex;
+@@ -1852,6 +1857,8 @@ extract_dollar_brace_string (string, sin
+ 
+       if (string[i] == '$' && string[i+1] == LBRACE)
+ 	{
++	  if (nesting_level < PARAMEXPNEST_MAX)
++	    dbstate[nesting_level] = dolbrace_state;
+ 	  nesting_level++;
+ 	  i += 2;
+ 	  if (dolbrace_state == DOLBRACE_QUOTE || dolbrace_state == DOLBRACE_WORD)
+@@ -1864,6 +1871,7 @@ extract_dollar_brace_string (string, sin
+ 	  nesting_level--;
+ 	  if (nesting_level == 0)
+ 	    break;
++	  dolbrace_state = (nesting_level < PARAMEXPNEST_MAX) ? dbstate[nesting_level] : dbstate[0];	/* Guess using initial state */
+ 	  i++;
+ 	  continue;
+ 	}
diff --git a/debian/patches/bash52-005.diff b/debian/patches/bash52-005.diff
new file mode 100644
index 0000000..d49336e
--- /dev/null
+++ b/debian/patches/bash52-005.diff
@@ -0,0 +1,36 @@
+			     BASH PATCH REPORT
+			     =================
+
+Bash-Release:	5.2
+Patch-ID:	bash52-005
+
+Bug-Reported-by:	Justin Wood (Callek) <callek@gmail.com>
+Bug-Reference-ID:	<CANBDKY9fp2yiXONP7RY4kNuRteuovUebxSJaqePHeu7cyaFS9Q@mail.gmail.com>
+Bug-Reference-URL:	https://lists.gnu.org/archive/html/bug-bash/2022-10/msg00088.html
+
+Bug-Description:
+
+Null pattern substitution replacement strings can cause a crash.
+
+--- a/patchlevel.h
++++ b/patchlevel.h
+@@ -25,6 +25,6 @@
+    regexp `^#define[ 	]*PATCHLEVEL', since that's what support/mkversion.sh
+    looks for to find the patch level (for the sccs version string). */
+ 
+-#define PATCHLEVEL 4
++#define PATCHLEVEL 5
+ 
+ #endif /* _PATCHLEVEL_H_ */
+--- a/subst.c
++++ b/subst.c
+@@ -8965,7 +8965,8 @@ pat_subst (string, pat, rep, mflags)
+       return (ret);
+     }
+   else if (*string == 0 && (match_pattern (string, pat, mtype, &s, &e) != 0))
+-    return ((mflags & MATCH_EXPREP) ? strcreplace (rep, '&', "", 2) : savestring (rep));
++    return (mflags & MATCH_EXPREP) ? strcreplace (rep, '&', "", 2)
++				   : (rep ? savestring (rep) : savestring (""));
+ 
+   ret = (char *)xmalloc (rsize = 64);
+   ret[0] = '\0';
diff --git a/debian/patches/bash52-006.diff b/debian/patches/bash52-006.diff
new file mode 100644
index 0000000..32a0a65
--- /dev/null
+++ b/debian/patches/bash52-006.diff
@@ -0,0 +1,236 @@
+			     BASH PATCH REPORT
+			     =================
+
+Bash-Release:	5.2
+Patch-ID:	bash52-006
+
+Bug-Reported-by:	feng xiangjun <fengxj325@gmail.com>
+Bug-Reference-ID:	<CAHH2t87LrCmO=gdyWOmGn5WJt7EucL+iOXzrry34OETe50S6uA@mail.gmail.com>
+Bug-Reference-URL:	https://lists.gnu.org/archive/html/bug-bash/2022-10/msg00089.html
+
+Bug-Description:
+
+In interactive shells, interrupting the shell while entering a command
+substitution can inhibit alias expansion.
+
+--- a/builtins/common.h
++++ b/builtins/common.h
+@@ -257,6 +257,8 @@ extern int print_shift_error;
+ extern int expand_once_flag;
+ #endif
+ 
++extern int expaliases_flag;
++
+ /* variables from source.def */
+ extern int source_searches_cwd;
+ extern int source_uses_path;
+--- a/builtins/shopt.def
++++ b/builtins/shopt.def
+@@ -149,6 +149,9 @@ static int shopt_set_complete_direxpand
+ static int set_assoc_expand PARAMS((char *, int));
+ #endif
+ 
++int expaliases_flag = 0;
++static int shopt_set_expaliases PARAMS((char *, int));
++
+ static int shopt_set_debug_mode PARAMS((char *, int));
+ 
+ static int shopt_login_shell;
+@@ -198,7 +201,7 @@ static struct {
+ #endif
+   { "dotglob", &glob_dot_filenames, (shopt_set_func_t *)NULL },
+   { "execfail", &no_exit_on_failed_exec, (shopt_set_func_t *)NULL },
+-  { "expand_aliases", &expand_aliases, (shopt_set_func_t *)NULL },
++  { "expand_aliases", &expaliases_flag, shopt_set_expaliases },
+ #if defined (DEBUGGER)
+   { "extdebug", &debugging_mode, shopt_set_debug_mode },
+ #endif
+@@ -350,7 +353,7 @@ reset_shopt_options ()
+   check_window_size = CHECKWINSIZE_DEFAULT;
+   allow_null_glob_expansion = glob_dot_filenames = 0;
+   no_exit_on_failed_exec = 0;
+-  expand_aliases = 0;
++  expand_aliases = expaliases_flag = 0;
+   extended_quote = 1;
+   fail_glob_expansion = 0;
+   glob_asciirange = GLOBASCII_DEFAULT;
+@@ -631,6 +634,15 @@ shopt_set_debug_mode (option_name, mode)
+   return (0);
+ }
+ 
++static int
++shopt_set_expaliases (option_name, mode)
++     char *option_name;
++     int mode;
++{
++  expand_aliases = expaliases_flag;
++  return 0;
++}
++
+ #if defined (READLINE)
+ static int
+ shopt_enable_hostname_completion (option_name, mode)
+--- a/execute_cmd.c
++++ b/execute_cmd.c
+@@ -1536,7 +1536,7 @@ execute_in_subshell (command, asynchrono
+ 	 expansion with `shopt -s expand_alias' to continue to expand
+ 	 aliases. */
+       if (ois != interactive_shell)
+-	expand_aliases = 0;
++	expand_aliases = expaliases_flag = 0;
+     }
+ 
+   /* Subshells are neither login nor interactive. */
+--- a/general.c
++++ b/general.c
+@@ -91,7 +91,7 @@ static struct {
+ {
+   &interactive_comments,
+   &source_uses_path,
+-  &expand_aliases,
++  &expaliases_flag,
+   &inherit_errexit,
+   &print_shift_error,
+   0
+@@ -106,7 +106,8 @@ posix_initialize (on)
+   /* Things that should be turned on when posix mode is enabled. */
+   if (on != 0)
+     {
+-      interactive_comments = source_uses_path = expand_aliases = 1;
++      interactive_comments = source_uses_path = 1;
++      expand_aliases = expaliases_flag = 1;
+       inherit_errexit = 1;
+       source_searches_cwd = 0;
+       print_shift_error = 1;
+@@ -116,13 +117,14 @@ posix_initialize (on)
+   else if (saved_posix_vars)		/* on == 0, restore saved settings */
+     {
+       set_posix_options (saved_posix_vars);
++      expand_aliases = expaliases_flag;
+       free (saved_posix_vars);
+       saved_posix_vars = 0;
+     }
+   else	/* on == 0, restore a default set of settings */
+     {
+       source_searches_cwd = 1;
+-      expand_aliases = interactive_shell;
++      expand_aliases = expaliases_flag = interactive_shell;	/* XXX */
+       print_shift_error = 0;
+     }
+ }
+--- a/parse.y
++++ b/parse.y
+@@ -3306,6 +3306,8 @@ reset_parser ()
+   if (parser_state & (PST_EXTPAT|PST_CMDSUBST))
+     extended_glob = global_extglob;
+ #endif
++  if (parser_state & (PST_CMDSUBST|PST_STRING))
++    expand_aliases = expaliases_flag;
+ 
+   parser_state = 0;
+   here_doc_first_line = 0;
+@@ -4388,6 +4390,7 @@ parse_string_to_command (string, flags)
+   if (flags & SX_COMPLETE)
+     parser_state |= PST_NOERROR;
+ 
++  parser_state |= PST_STRING;
+   expand_aliases = 0;
+ 
+   cmd = 0;
+@@ -6401,7 +6404,7 @@ parse_string_to_word_list (s, flags, who
+       /* State flags we don't want to persist into compound assignments. */
+       parser_state &= ~PST_NOEXPAND;	/* parse_comsub sentinel */
+       /* State flags we want to set for this run through the tokenizer. */
+-      parser_state |= PST_COMPASSIGN|PST_REPARSE;
++      parser_state |= PST_COMPASSIGN|PST_REPARSE|PST_STRING;
+     }
+ 
+   while ((tok = read_token (READ)) != yacc_EOF)
+--- a/parser.h
++++ b/parser.h
+@@ -50,6 +50,7 @@
+ #define PST_ENDALIAS	0x200000	/* just finished expanding and consuming an alias */
+ #define PST_NOEXPAND	0x400000	/* don't expand anything in read_token_word; for command substitution */
+ #define PST_NOERROR	0x800000	/* don't print error messages in yyerror */
++#define PST_STRING	0x1000000	/* parsing a string to a command or word list */
+ 
+ /* Definition of the delimiter stack.  Needed by parse.y and bashhist.c. */
+ struct dstack {
+--- a/patchlevel.h
++++ b/patchlevel.h
+@@ -25,6 +25,6 @@
+    regexp `^#define[ 	]*PATCHLEVEL', since that's what support/mkversion.sh
+    looks for to find the patch level (for the sccs version string). */
+ 
+-#define PATCHLEVEL 5
++#define PATCHLEVEL 6
+ 
+ #endif /* _PATCHLEVEL_H_ */
+--- a/shell.c
++++ b/shell.c
+@@ -1844,8 +1844,8 @@ reset_option_defaults ()
+ static void
+ init_interactive ()
+ {
+-  expand_aliases = interactive_shell = startup_state = 1;
+-  interactive = 1;
++  expand_aliases = expaliases_flag = 1;
++  interactive_shell = startup_state = interactive = 1;
+ #if defined (HISTORY)
+   if (enable_history_list == -1)
+     enable_history_list = 1;				/* set default  */
+@@ -1865,7 +1865,7 @@ init_noninteractive ()
+   bash_history_reinit (0);
+ #endif /* HISTORY */
+   interactive_shell = startup_state = interactive = 0;
+-  expand_aliases = posixly_correct;	/* XXX - was 0 not posixly_correct */
++  expand_aliases = expaliases_flag = posixly_correct;	/* XXX - was 0 not posixly_correct */
+   no_line_editing = 1;
+ #if defined (JOB_CONTROL)
+   /* Even if the shell is not interactive, enable job control if the -i or
+@@ -1882,7 +1882,7 @@ init_interactive_script ()
+     enable_history_list = 1;
+ #endif
+   init_noninteractive ();
+-  expand_aliases = interactive_shell = startup_state = 1;
++  expand_aliases = expaliases_flag = interactive_shell = startup_state = 1;
+ #if defined (HISTORY)
+   remember_on_history = enable_history_list;	/* XXX */
+ #endif
+@@ -2025,7 +2025,7 @@ shell_reinitialize ()
+   debugging = do_version = line_number = last_command_exit_value = 0;
+   forced_interactive = interactive_shell = 0;
+   subshell_environment = running_in_background = 0;
+-  expand_aliases = 0;
++  expand_aliases = expaliases_flag = 0;
+   bash_argv_initialized = 0;
+ 
+   /* XXX - should we set jobs_m_flag to 0 here? */
+--- a/y.tab.c
++++ b/y.tab.c
+@@ -5617,6 +5617,8 @@ reset_parser ()
+   if (parser_state & (PST_EXTPAT|PST_CMDSUBST))
+     extended_glob = global_extglob;
+ #endif
++  if (parser_state & (PST_CMDSUBST|PST_STRING))
++    expand_aliases = expaliases_flag;
+ 
+   parser_state = 0;
+   here_doc_first_line = 0;
+@@ -6699,6 +6701,7 @@ parse_string_to_command (string, flags)
+   if (flags & SX_COMPLETE)
+     parser_state |= PST_NOERROR;
+ 
++  parser_state |= PST_STRING;
+   expand_aliases = 0;
+ 
+   cmd = 0;
+@@ -8712,7 +8715,7 @@ parse_string_to_word_list (s, flags, who
+       /* State flags we don't want to persist into compound assignments. */
+       parser_state &= ~PST_NOEXPAND;	/* parse_comsub sentinel */
+       /* State flags we want to set for this run through the tokenizer. */
+-      parser_state |= PST_COMPASSIGN|PST_REPARSE;
++      parser_state |= PST_COMPASSIGN|PST_REPARSE|PST_STRING;
+     }
+ 
+   while ((tok = read_token (READ)) != yacc_EOF)
diff --git a/debian/patches/bash52-007.diff b/debian/patches/bash52-007.diff
new file mode 100644
index 0000000..5e5c978
--- /dev/null
+++ b/debian/patches/bash52-007.diff
@@ -0,0 +1,215 @@
+			     BASH PATCH REPORT
+			     =================
+
+Bash-Release:	5.2
+Patch-ID:	bash52-007
+
+Bug-Reported-by:	Bruce Jerrick
+Bug-Reference-ID:
+Bug-Reference-URL:	https://bugzilla.redhat.com/show_bug.cgi?id=2134307
+
+Bug-Description:
+
+This patch fixes several problems with alias expansion inside command
+substitutions when in POSIX mode.
+
+--- a/builtins/evalstring.c
++++ b/builtins/evalstring.c
+@@ -431,6 +431,8 @@ parse_and_execute (string, from_file, fl
+ 
+       if (parse_command () == 0)
+ 	{
++	  int local_expalias, local_alflag;
++
+ 	  if ((flags & SEVAL_PARSEONLY) || (interactive_shell == 0 && read_but_dont_execute))
+ 	    {
+ 	      last_result = EXECUTION_SUCCESS;
+@@ -507,6 +509,19 @@ parse_and_execute (string, from_file, fl
+ 		}
+ #endif /* ONESHOT */
+ 
++	      /* We play tricks in the parser and command_substitute() turning
++		 expand_aliases on and off depending on which parsing pass and
++		 whether or not we're in posix mode. This only matters for
++		 parsing, and we let the higher layers deal with that. We just
++		 want to ensure that expand_aliases is set to the appropriate
++		 global value when we go to execute this command, so we save
++		 and restore it around the execution (we don't restore it if
++		 the global value of the flag (expaliases_flag) changes). */
++	      local_expalias = expand_aliases;
++	      local_alflag = expaliases_flag;
++	      if (subshell_environment & SUBSHELL_COMSUB)
++		expand_aliases = expaliases_flag;
++
+ 	      /* See if this is a candidate for $( <file ). */
+ 	      if (startup_state == 2 &&
+ 		  (subshell_environment & SUBSHELL_COMSUB) &&
+@@ -524,6 +539,10 @@ parse_and_execute (string, from_file, fl
+ 	      dispose_fd_bitmap (bitmap);
+ 	      discard_unwind_frame ("pe_dispose");
+ 
++	      /* If the global value didn't change, we restore what we had. */
++	      if ((subshell_environment & SUBSHELL_COMSUB) && local_alflag == expaliases_flag)
++		expand_aliases = local_expalias;
++
+ 	      if (flags & SEVAL_ONECMD)
+ 		{
+ 		  reset_parser ();
+--- a/command.h
++++ b/command.h
+@@ -114,6 +114,7 @@ enum command_type { cm_for, cm_case, cm_
+ #define PF_COMPLETE	0x10	/* same as W_COMPLETE, sets SX_COMPLETE */
+ #define PF_EXPANDRHS	0x20	/* same as W_EXPANDRHS */
+ #define PF_ALLINDS	0x40	/* array, act as if [@] was supplied */
++#define PF_BACKQUOTE	0x80	/* differentiate `` from $() for command_substitute */
+ 
+ /* Possible values for subshell_environment */
+ #define SUBSHELL_ASYNC	0x01	/* subshell caused by `command &' */
+--- a/parse.y
++++ b/parse.y
+@@ -3612,6 +3612,7 @@ tokword:
+ #define P_BACKQUOTE	0x0010	/* parsing a backquoted command substitution */
+ #define P_ARRAYSUB	0x0020	/* parsing a [...] array subscript for assignment */
+ #define P_DOLBRACE	0x0040	/* parsing a ${...} construct */
++#define P_ARITH		0x0080	/* parsing a $(( )) arithmetic expansion */
+ 
+ /* Lexical state while parsing a grouping construct or $(...). */
+ #define LEX_WASDOL	0x0001
+@@ -3910,6 +3911,9 @@ parse_matched_pair (qc, open, close, len
+ 	    }
+ 	  else if ((flags & (P_ARRAYSUB|P_DOLBRACE)) && (tflags & LEX_WASDOL) && (ch == '(' || ch == '{' || ch == '['))	/* ) } ] */
+ 	    goto parse_dollar_word;
++	  else if ((flags & P_ARITH) && (tflags & LEX_WASDOL) && ch == '(') /*)*/
++	    /* $() inside $(( ))/$[ ] */
++	    goto parse_dollar_word;
+ #if defined (PROCESS_SUBSTITUTION)
+ 	  /* XXX - technically this should only be recognized at the start of
+ 	     a word */
+@@ -3940,7 +3944,7 @@ parse_dollar_word:
+ 	  else if (ch == '{')		/* } */
+ 	    nestret = parse_matched_pair (0, '{', '}', &nestlen, P_FIRSTCLOSE|P_DOLBRACE|rflags);
+ 	  else if (ch == '[')		/* ] */
+-	    nestret = parse_matched_pair (0, '[', ']', &nestlen, rflags);
++	    nestret = parse_matched_pair (0, '[', ']', &nestlen, rflags|P_ARITH);
+ 
+ 	  CHECK_NESTRET_ERROR ();
+ 	  APPEND_NESTRET ();
+@@ -4079,7 +4083,7 @@ parse_comsub (qc, open, close, lenp, fla
+       peekc = shell_getc (1);
+       shell_ungetc (peekc);
+       if (peekc == '(')		/*)*/
+-	return (parse_matched_pair (qc, open, close, lenp, 0));
++	return (parse_matched_pair (qc, open, close, lenp, P_ARITH));
+     }
+ 
+ /*itrace("parse_comsub: qc = `%c' open = %c close = %c", qc, open, close);*/
+@@ -4500,7 +4504,7 @@ parse_arith_cmd (ep, adddq)
+   int ttoklen;
+ 
+   exp_lineno = line_number;
+-  ttok = parse_matched_pair (0, '(', ')', &ttoklen, 0);
++  ttok = parse_matched_pair (0, '(', ')', &ttoklen, P_ARITH);
+   rval = 1;
+   if (ttok == &matched_pair_error)
+     return -1;
+@@ -5015,7 +5019,7 @@ read_token_word (character)
+ 		  pop_delimiter (dstack);
+ 		}
+ 	      else
+-		ttok = parse_matched_pair (cd, '[', ']', &ttoklen, 0);
++		ttok = parse_matched_pair (cd, '[', ']', &ttoklen, P_ARITH);
+ 	      if (ttok == &matched_pair_error)
+ 		return -1;		/* Bail immediately. */
+ 	      RESIZE_MALLOCED_BUFFER (token, token_index, ttoklen + 3,
+--- a/patchlevel.h
++++ b/patchlevel.h
+@@ -25,6 +25,6 @@
+    regexp `^#define[ 	]*PATCHLEVEL', since that's what support/mkversion.sh
+    looks for to find the patch level (for the sccs version string). */
+ 
+-#define PATCHLEVEL 6
++#define PATCHLEVEL 7
+ 
+ #endif /* _PATCHLEVEL_H_ */
+--- a/subst.c
++++ b/subst.c
+@@ -7123,8 +7123,12 @@ command_substitute (string, quoted, flag
+       remove_quoted_escapes (string);
+ 
+       /* We want to expand aliases on this pass if we are not in posix mode
+-	 for backwards compatibility. */
+-      if (expand_aliases)
++	 for backwards compatibility. parse_and_execute() takes care of
++	 setting expand_aliases back to the global value when executing the
++	 parsed string. We only do this for $(...) command substitution,
++	 since that is what parse_comsub handles; `` comsubs are processed
++	 using parse.y:parse_matched_pair(). */
++      if (expand_aliases && (flags & PF_BACKQUOTE) == 0)
+         expand_aliases = posixly_correct == 0;
+ 
+       startup_state = 2;	/* see if we can avoid a fork */
+@@ -11292,7 +11296,7 @@ add_string:
+ 	    else
+ 	      {
+ 		de_backslash (temp);
+-		tword = command_substitute (temp, quoted, 0);
++		tword = command_substitute (temp, quoted, PF_BACKQUOTE);
+ 		temp1 = tword ? tword->word : (char *)NULL;
+ 		if (tword)
+ 		  dispose_word_desc (tword);
+--- a/y.tab.c
++++ b/y.tab.c
+@@ -5923,6 +5923,7 @@ tokword:
+ #define P_BACKQUOTE	0x0010	/* parsing a backquoted command substitution */
+ #define P_ARRAYSUB	0x0020	/* parsing a [...] array subscript for assignment */
+ #define P_DOLBRACE	0x0040	/* parsing a ${...} construct */
++#define P_ARITH		0x0080	/* parsing a $(( )) arithmetic expansion */
+ 
+ /* Lexical state while parsing a grouping construct or $(...). */
+ #define LEX_WASDOL	0x0001
+@@ -6221,6 +6222,9 @@ parse_matched_pair (qc, open, close, len
+ 	    }
+ 	  else if ((flags & (P_ARRAYSUB|P_DOLBRACE)) && (tflags & LEX_WASDOL) && (ch == '(' || ch == '{' || ch == '['))	/* ) } ] */
+ 	    goto parse_dollar_word;
++	  else if ((flags & P_ARITH) && (tflags & LEX_WASDOL) && ch == '(') /*)*/
++	    /* $() inside $(( ))/$[ ] */
++	    goto parse_dollar_word;
+ #if defined (PROCESS_SUBSTITUTION)
+ 	  /* XXX - technically this should only be recognized at the start of
+ 	     a word */
+@@ -6251,7 +6255,7 @@ parse_dollar_word:
+ 	  else if (ch == '{')		/* } */
+ 	    nestret = parse_matched_pair (0, '{', '}', &nestlen, P_FIRSTCLOSE|P_DOLBRACE|rflags);
+ 	  else if (ch == '[')		/* ] */
+-	    nestret = parse_matched_pair (0, '[', ']', &nestlen, rflags);
++	    nestret = parse_matched_pair (0, '[', ']', &nestlen, rflags|P_ARITH);
+ 
+ 	  CHECK_NESTRET_ERROR ();
+ 	  APPEND_NESTRET ();
+@@ -6390,7 +6394,7 @@ parse_comsub (qc, open, close, lenp, fla
+       peekc = shell_getc (1);
+       shell_ungetc (peekc);
+       if (peekc == '(')		/*)*/
+-	return (parse_matched_pair (qc, open, close, lenp, 0));
++	return (parse_matched_pair (qc, open, close, lenp, P_ARITH));
+     }
+ 
+ /*itrace("parse_comsub: qc = `%c' open = %c close = %c", qc, open, close);*/
+@@ -6811,7 +6815,7 @@ parse_arith_cmd (ep, adddq)
+   int ttoklen;
+ 
+   exp_lineno = line_number;
+-  ttok = parse_matched_pair (0, '(', ')', &ttoklen, 0);
++  ttok = parse_matched_pair (0, '(', ')', &ttoklen, P_ARITH);
+   rval = 1;
+   if (ttok == &matched_pair_error)
+     return -1;
+@@ -7326,7 +7330,7 @@ read_token_word (character)
+ 		  pop_delimiter (dstack);
+ 		}
+ 	      else
+-		ttok = parse_matched_pair (cd, '[', ']', &ttoklen, 0);
++		ttok = parse_matched_pair (cd, '[', ']', &ttoklen, P_ARITH);
+ 	      if (ttok == &matched_pair_error)
+ 		return -1;		/* Bail immediately. */
+ 	      RESIZE_MALLOCED_BUFFER (token, token_index, ttoklen + 3,
diff --git a/debian/patches/bash52-008.diff b/debian/patches/bash52-008.diff
new file mode 100644
index 0000000..6d5bb11
--- /dev/null
+++ b/debian/patches/bash52-008.diff
@@ -0,0 +1,47 @@
+			     BASH PATCH REPORT
+			     =================
+
+Bash-Release:	5.2
+Patch-ID:	bash52-008
+
+Bug-Reported-by:	Glenn Jackman <glenn.jackman@gmail.com>
+Bug-Reference-ID:	<CAFC8ewQDx7hzNJzveuJ5o4FWo=ij7MzckiJVN_6NXjp504QZeg@mail.gmail.com>
+Bug-Reference-URL:	https://lists.gnu.org/archive/html/bug-bash/2022-10/msg00095.html
+
+Bug-Description:
+
+Array subscript expansion can inappropriately quote brackets if the expression
+contains < or >.
+
+--- a/patchlevel.h
++++ b/patchlevel.h
+@@ -25,6 +25,6 @@
+    regexp `^#define[ 	]*PATCHLEVEL', since that's what support/mkversion.sh
+    looks for to find the patch level (for the sccs version string). */
+ 
+-#define PATCHLEVEL 7
++#define PATCHLEVEL 8
+ 
+ #endif /* _PATCHLEVEL_H_ */
+--- a/subst.c
++++ b/subst.c
+@@ -3819,6 +3819,10 @@ pos_params (string, start, end, quoted,
+ #define EXP_CHAR(s) (s == '$' || s == '`' || s == CTLESC || s == '~')
+ #endif
+ 
++/* We don't perform process substitution in arithmetic expressions, so don't
++   bother checking for it. */
++#define ARITH_EXP_CHAR(s) (s == '$' || s == '`' || s == CTLESC || s == '~')
++
+ /* If there are any characters in STRING that require full expansion,
+    then call FUNC to expand STRING; otherwise just perform quote
+    removal if necessary.  This returns a new string. */
+@@ -4028,7 +4032,7 @@ expand_arith_string (string, quoted)
+   i = saw_quote = 0;
+   while (string[i])
+     {
+-      if (EXP_CHAR (string[i]))
++      if (ARITH_EXP_CHAR (string[i]))
+ 	break;
+       else if (string[i] == '\'' || string[i] == '\\' || string[i] == '"')
+ 	saw_quote = string[i];
diff --git a/debian/patches/bash52-009.diff b/debian/patches/bash52-009.diff
new file mode 100644
index 0000000..cd1e0b1
--- /dev/null
+++ b/debian/patches/bash52-009.diff
@@ -0,0 +1,36 @@
+			     BASH PATCH REPORT
+			     =================
+
+Bash-Release:	5.2
+Patch-ID:	bash52-009
+
+Bug-Reported-by:	Corey Hickey <bugfood-ml@fatooh.org>
+Bug-Reference-ID:	<134330ef-0ead-d73e-68eb-d58fc51efdba@fatooh.org>
+Bug-Reference-URL:	https://lists.gnu.org/archive/html/help-bash/2022-10/msg00025.html
+
+Bug-Description:
+
+Bash arithmetic expansion should allow `@' and `*' to be used as associative
+array keys in expressions.
+
+--- a/expr.c
++++ b/expr.c
+@@ -1168,6 +1168,8 @@ expr_streval (tok, e, lvalue)
+   /* [[[[[ */
+ #if defined (ARRAY_VARS)
+   aflag = tflag;	/* use a different variable for now */
++  if (shell_compatibility_level > 51)
++    aflag |= AV_ATSTARKEYS;
+   v = (e == ']') ? array_variable_part (tok, tflag, (char **)0, (int *)0) : find_variable (tok);
+ #else
+   v = find_variable (tok);
+--- a/patchlevel.h
++++ b/patchlevel.h
+@@ -25,6 +25,6 @@
+    regexp `^#define[ 	]*PATCHLEVEL', since that's what support/mkversion.sh
+    looks for to find the patch level (for the sccs version string). */
+ 
+-#define PATCHLEVEL 8
++#define PATCHLEVEL 9
+ 
+ #endif /* _PATCHLEVEL_H_ */
diff --git a/debian/patches/bash52-010.diff b/debian/patches/bash52-010.diff
new file mode 100644
index 0000000..763c386
--- /dev/null
+++ b/debian/patches/bash52-010.diff
@@ -0,0 +1,55 @@
+			     BASH PATCH REPORT
+			     =================
+
+Bash-Release:	5.2
+Patch-ID:	bash52-010
+
+Bug-Reported-by:	larsh@apache.org
+Bug-Reference-ID:
+Bug-Reference-URL:	https://savannah.gnu.org/support/?110744
+
+Bug-Description:
+
+Bash-5.2 checks the first 128 characters of an executable file that execve()
+refuses to execute to see whether it's a binary file before trying to
+execute it as a shell script. This defeats some previously-supported use
+cases like "self-executing" jar files or "self-uncompressing" scripts.
+
+--- a/general.c
++++ b/general.c
+@@ -683,21 +683,20 @@ check_binary_file (sample, sample_len)
+      int sample_len;
+ {
+   register int i;
++  int nline;
+   unsigned char c;
+ 
+   if (sample_len >= 4 && sample[0] == 0x7f && sample[1] == 'E' && sample[2] == 'L' && sample[3] == 'F')
+     return 1;
+ 
+   /* Generally we check the first line for NULs. If the first line looks like
+-     a `#!' interpreter specifier, we just look for NULs anywhere in the
+-     buffer. */
+-  if (sample[0] == '#' && sample[1] == '!')
+-    return (memchr (sample, '\0', sample_len) != NULL);
++     a `#!' interpreter specifier, we look for NULs in the first two lines. */
++  nline = (sample[0] == '#' && sample[1] == '!') ? 2 : 1;
+ 
+   for (i = 0; i < sample_len; i++)
+     {
+       c = sample[i];
+-      if (c == '\n')
++      if (c == '\n' && --nline == 0)
+ 	return (0);
+       if (c == '\0')
+ 	return (1);
+--- a/patchlevel.h
++++ b/patchlevel.h
+@@ -25,6 +25,6 @@
+    regexp `^#define[ 	]*PATCHLEVEL', since that's what support/mkversion.sh
+    looks for to find the patch level (for the sccs version string). */
+ 
+-#define PATCHLEVEL 9
++#define PATCHLEVEL 10
+ 
+ #endif /* _PATCHLEVEL_H_ */
diff --git a/debian/patches/bash52-011.diff b/debian/patches/bash52-011.diff
new file mode 100644
index 0000000..8a2c349
--- /dev/null
+++ b/debian/patches/bash52-011.diff
@@ -0,0 +1,38 @@
+			     BASH PATCH REPORT
+			     =================
+
+Bash-Release:	5.2
+Patch-ID:	bash52-011
+
+Bug-Reported-by:	Fabien Orjollet <of1@disroot.org>
+Bug-Reference-ID:	
+Bug-Reference-URL:	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1023776
+
+Bug-Description:
+
+Using timeouts and readline editing with the `read' builtin (read -e -t) can
+leave the readline timeout enabled, potentially resulting in an erroneous
+timeout on the next call.
+
+--- a/builtins/read.def
++++ b/builtins/read.def
+@@ -167,6 +167,9 @@ reset_timeout ()
+   /* Cancel alarm before restoring signal handler. */
+   if (read_timeout)
+     shtimer_clear (read_timeout);
++#if defined (READLINE)
++  rl_clear_timeout ();
++#endif
+   read_timeout = 0;
+ }
+ 
+--- a/patchlevel.h
++++ b/patchlevel.h
+@@ -25,6 +25,6 @@
+    regexp `^#define[ 	]*PATCHLEVEL', since that's what support/mkversion.sh
+    looks for to find the patch level (for the sccs version string). */
+ 
+-#define PATCHLEVEL 10
++#define PATCHLEVEL 11
+ 
+ #endif /* _PATCHLEVEL_H_ */
diff --git a/debian/patches/bash52-012.diff b/debian/patches/bash52-012.diff
new file mode 100644
index 0000000..2a2976e
--- /dev/null
+++ b/debian/patches/bash52-012.diff
@@ -0,0 +1,277 @@
+			     BASH PATCH REPORT
+			     =================
+
+Bash-Release:	5.2
+Patch-ID:	bash52-012
+
+Bug-Reported-by:	Kerin Millar <kfm@plushkava.net>
+Bug-Reference-ID:	<20221002095107.89561bc811e549b55644df11@plushkava.net>
+Bug-Reference-URL:	https://lists.gnu.org/archive/html/bug-bash/2022-10/msg00001.html
+
+Bug-Description:
+
+When running in bash compatibility mode, nested command substitutions can
+leave the `extglob' option enabled.
+
+--- a/builtins/common.h
++++ b/builtins/common.h
+@@ -257,6 +257,10 @@ extern int print_shift_error;
+ extern int expand_once_flag;
+ #endif
+ 
++#if defined (EXTENDED_GLOB)
++extern int extglob_flag;
++#endif
++
+ extern int expaliases_flag;
+ 
+ /* variables from source.def */
+--- a/builtins/shopt.def
++++ b/builtins/shopt.def
+@@ -149,6 +149,11 @@ static int shopt_set_complete_direxpand
+ static int set_assoc_expand PARAMS((char *, int));
+ #endif
+ 
++#if defined (EXTENDED_GLOB)
++int extglob_flag = EXTGLOB_DEFAULT;
++static int shopt_set_extglob PARAMS((char *, int));
++#endif
++
+ int expaliases_flag = 0;
+ static int shopt_set_expaliases PARAMS((char *, int));
+ 
+@@ -206,7 +211,7 @@ static struct {
+   { "extdebug", &debugging_mode, shopt_set_debug_mode },
+ #endif
+ #if defined (EXTENDED_GLOB)
+-  { "extglob", &extended_glob, (shopt_set_func_t *)NULL },
++  { "extglob", &extglob_flag, shopt_set_extglob },
+ #endif
+   { "extquote", &extended_quote, (shopt_set_func_t *)NULL },
+   { "failglob", &fail_glob_expansion, (shopt_set_func_t *)NULL },
+@@ -377,7 +382,7 @@ reset_shopt_options ()
+ #endif
+ 
+ #if defined (EXTENDED_GLOB)
+-  extended_glob = EXTGLOB_DEFAULT;
++  extended_glob = extglob_flag = EXTGLOB_DEFAULT;
+ #endif
+ 
+ #if defined (ARRAY_VARS)
+@@ -643,6 +648,17 @@ shopt_set_expaliases (option_name, mode)
+   return 0;
+ }
+ 
++#if defined (EXTENDED_GLOB)
++static int
++shopt_set_extglob (option_name, mode)
++     char *option_name;
++     int mode;
++{
++  extended_glob = extglob_flag;
++  return 0;
++}
++#endif
++
+ #if defined (READLINE)
+ static int
+ shopt_enable_hostname_completion (option_name, mode)
+--- a/execute_cmd.c
++++ b/execute_cmd.c
+@@ -3990,13 +3990,11 @@ execute_cond_node (cond)
+       else
+ #endif /* COND_REGEXP */
+ 	{
+-	  int oe;
+-	  oe = extended_glob;
+ 	  extended_glob = 1;
+ 	  result = binary_test (cond->op->word, arg1, arg2, TEST_PATMATCH|TEST_ARITHEXP|TEST_LOCALE)
+ 				  ? EXECUTION_SUCCESS
+ 				  : EXECUTION_FAILURE;
+-	  extended_glob = oe;
++	  extended_glob = extglob_flag;
+ 	}
+       if (arg1 != nullstr)
+ 	free (arg1);
+--- a/parse.y
++++ b/parse.y
+@@ -125,7 +125,7 @@ do { \
+ } while (0)
+ 
+ #if defined (EXTENDED_GLOB)
+-extern int extended_glob;
++extern int extended_glob, extglob_flag;
+ #endif
+ 
+ #if defined (TRANSLATABLE_STRINGS)
+@@ -3304,7 +3304,7 @@ reset_parser ()
+ #if defined (EXTENDED_GLOB)
+   /* Reset to global value of extended glob */
+   if (parser_state & (PST_EXTPAT|PST_CMDSUBST))
+-    extended_glob = global_extglob;
++    extended_glob = extglob_flag;
+ #endif
+   if (parser_state & (PST_CMDSUBST|PST_STRING))
+     expand_aliases = expaliases_flag;
+@@ -4124,10 +4124,10 @@ parse_comsub (qc, open, close, lenp, fla
+     expand_aliases = posixly_correct != 0;
+ #if defined (EXTENDED_GLOB)
+   /* If (parser_state & PST_EXTPAT), we're parsing an extended pattern for a
+-     conditional command and have already set global_extglob appropriately. */
++     conditional command and have already set extended_glob appropriately. */
+   if (shell_compatibility_level <= 51 && was_extpat == 0)
+     {
+-      local_extglob = global_extglob = extended_glob;
++      local_extglob = extended_glob;
+       extended_glob = 1;
+     }
+ #endif
+@@ -4235,7 +4235,7 @@ xparse_dolparen (base, string, indp, fla
+ {
+   sh_parser_state_t ps;
+   sh_input_line_state_t ls;
+-  int orig_ind, nc, sflags, start_lineno;
++  int orig_ind, nc, sflags, start_lineno, local_extglob;
+   char *ret, *ep, *ostring;
+ 
+ /*debug_parser(1);*/
+@@ -4278,7 +4278,7 @@ xparse_dolparen (base, string, indp, fla
+      old value will be restored by restore_parser_state(). */
+   expand_aliases = 0;
+ #if defined (EXTENDED_GLOB)
+-  global_extglob = extended_glob;		/* for reset_parser() */
++  local_extglob = extended_glob;
+ #endif
+ 
+   token_to_read = DOLPAREN;			/* let's trick the parser */
+@@ -4296,6 +4296,9 @@ xparse_dolparen (base, string, indp, fla
+   restore_input_line_state (&ls);
+   restore_parser_state (&ps);
+ 
++#if defined (EXTENDED_GLOB)
++  extended_glob = local_extglob;
++#endif
+   token_to_read = 0;
+ 
+   /* If parse_string returns < 0, we need to jump to top level with the
+@@ -4731,12 +4734,16 @@ cond_term ()
+ 	}
+ 
+       /* rhs */
++#if defined (EXTENDED_GLOB)
+       local_extglob = extended_glob;
+       if (parser_state & PST_EXTPAT)
+ 	extended_glob = 1;
++#endif
+       tok = read_token (READ);
++#if defined (EXTENDED_GLOB)
+       if (parser_state & PST_EXTPAT)
+ 	extended_glob = local_extglob;
++#endif
+       parser_state &= ~(PST_REGEXP|PST_EXTPAT);
+ 
+       if (tok == WORD)
+@@ -4783,7 +4790,6 @@ parse_cond_command ()
+ {
+   COND_COM *cexp;
+ 
+-  global_extglob = extended_glob;
+   cexp = cond_expr ();
+   return (make_cond_command (cexp));
+ }
+--- a/patchlevel.h
++++ b/patchlevel.h
+@@ -25,6 +25,6 @@
+    regexp `^#define[ 	]*PATCHLEVEL', since that's what support/mkversion.sh
+    looks for to find the patch level (for the sccs version string). */
+ 
+-#define PATCHLEVEL 11
++#define PATCHLEVEL 12
+ 
+ #endif /* _PATCHLEVEL_H_ */
+--- a/y.tab.c
++++ b/y.tab.c
+@@ -175,7 +175,7 @@ do { \
+ } while (0)
+ 
+ #if defined (EXTENDED_GLOB)
+-extern int extended_glob;
++extern int extended_glob, extglob_flag;
+ #endif
+ 
+ #if defined (TRANSLATABLE_STRINGS)
+@@ -5615,7 +5615,7 @@ reset_parser ()
+ #if defined (EXTENDED_GLOB)
+   /* Reset to global value of extended glob */
+   if (parser_state & (PST_EXTPAT|PST_CMDSUBST))
+-    extended_glob = global_extglob;
++    extended_glob = extglob_flag;
+ #endif
+   if (parser_state & (PST_CMDSUBST|PST_STRING))
+     expand_aliases = expaliases_flag;
+@@ -6435,10 +6435,10 @@ parse_comsub (qc, open, close, lenp, fla
+     expand_aliases = posixly_correct != 0;
+ #if defined (EXTENDED_GLOB)
+   /* If (parser_state & PST_EXTPAT), we're parsing an extended pattern for a
+-     conditional command and have already set global_extglob appropriately. */
++     conditional command and have already set extended_glob appropriately. */
+   if (shell_compatibility_level <= 51 && was_extpat == 0)
+     {
+-      local_extglob = global_extglob = extended_glob;
++      local_extglob = extended_glob;
+       extended_glob = 1;
+     }
+ #endif
+@@ -6546,7 +6546,7 @@ xparse_dolparen (base, string, indp, fla
+ {
+   sh_parser_state_t ps;
+   sh_input_line_state_t ls;
+-  int orig_ind, nc, sflags, start_lineno;
++  int orig_ind, nc, sflags, start_lineno, local_extglob;
+   char *ret, *ep, *ostring;
+ 
+ /*debug_parser(1);*/
+@@ -6589,7 +6589,7 @@ xparse_dolparen (base, string, indp, fla
+      old value will be restored by restore_parser_state(). */
+   expand_aliases = 0;
+ #if defined (EXTENDED_GLOB)
+-  global_extglob = extended_glob;		/* for reset_parser() */
++  local_extglob = extended_glob;
+ #endif
+ 
+   token_to_read = DOLPAREN;			/* let's trick the parser */
+@@ -6607,6 +6607,9 @@ xparse_dolparen (base, string, indp, fla
+   restore_input_line_state (&ls);
+   restore_parser_state (&ps);
+ 
++#if defined (EXTENDED_GLOB)
++  extended_glob = local_extglob;
++#endif
+   token_to_read = 0;
+ 
+   /* If parse_string returns < 0, we need to jump to top level with the
+@@ -7042,12 +7045,16 @@ cond_term ()
+ 	}
+ 
+       /* rhs */
++#if defined (EXTENDED_GLOB)
+       local_extglob = extended_glob;
+       if (parser_state & PST_EXTPAT)
+ 	extended_glob = 1;
++#endif
+       tok = read_token (READ);
++#if defined (EXTENDED_GLOB)
+       if (parser_state & PST_EXTPAT)
+ 	extended_glob = local_extglob;
++#endif
+       parser_state &= ~(PST_REGEXP|PST_EXTPAT);
+ 
+       if (tok == WORD)
+@@ -7094,7 +7101,6 @@ parse_cond_command ()
+ {
+   COND_COM *cexp;
+ 
+-  global_extglob = extended_glob;
+   cexp = cond_expr ();
+   return (make_cond_command (cexp));
+ }
diff --git a/debian/patches/bash52-013.diff b/debian/patches/bash52-013.diff
new file mode 100644
index 0000000..301bce7
--- /dev/null
+++ b/debian/patches/bash52-013.diff
@@ -0,0 +1,47 @@
+			     BASH PATCH REPORT
+			     =================
+
+Bash-Release:	5.2
+Patch-ID:	bash52-013
+
+Bug-Reported-by:	Ralf Oehler <Ralf@Oehler-Privat.de>
+Bug-Reference-ID:	<20221120140252.2fc6489b@bilbo>
+Bug-Reference-URL:	https://lists.gnu.org/archive/html/bug-bash/2022-11/msg00082.html
+
+Bug-Description:
+
+Bash can leak memory when referencing a non-existent associative array
+element.
+
+--- a/patchlevel.h
++++ b/patchlevel.h
+@@ -25,6 +25,6 @@
+    regexp `^#define[ 	]*PATCHLEVEL', since that's what support/mkversion.sh
+    looks for to find the patch level (for the sccs version string). */
+ 
+-#define PATCHLEVEL 12
++#define PATCHLEVEL 13
+ 
+ #endif /* _PATCHLEVEL_H_ */
+--- a/subst.c
++++ b/subst.c
+@@ -7497,8 +7497,6 @@ expand_arrayref:
+ 		    ? quote_string (temp)
+ 		    : quote_escapes (temp);
+ 	  rflags |= W_ARRAYIND;
+-	  if (estatep)
+-	    *estatep = es;	/* structure copy */
+ 	}
+       /* Note that array[*] and array[@] expanded to a quoted null string by
+ 	 returning the W_HASQUOTEDNULL flag to the caller in addition to TEMP. */
+@@ -7507,7 +7505,9 @@ expand_arrayref:
+       else if (es.subtype == 2 && temp && QUOTED_NULL (temp) && (quoted & (Q_DOUBLE_QUOTES|Q_HERE_DOCUMENT)))
+ 	rflags |= W_HASQUOTEDNULL;
+ 
+-      if (estatep == 0)
++      if (estatep)
++	*estatep = es;	/* structure copy */
++      else
+ 	flush_eltstate (&es);
+     }
+ #endif
diff --git a/debian/patches/bash52-014.diff b/debian/patches/bash52-014.diff
new file mode 100644
index 0000000..5d402e7
--- /dev/null
+++ b/debian/patches/bash52-014.diff
@@ -0,0 +1,106 @@
+			     BASH PATCH REPORT
+			     =================
+
+Bash-Release:	5.2
+Patch-ID:	bash52-014
+
+Bug-Reported-by:	Andreas Schwab <schwab@suse.de>
+Bug-Reference-ID:	<mvmv8opcbha.fsf@suse.de>
+Bug-Reference-URL:	https://lists.gnu.org/archive/html/bug-bash/2022-10/msg00076.html
+
+Bug-Description:
+
+Bash defers processing additional terminating signals when running the
+EXIT trap while exiting due to a terminating signal. This patch allows the
+new terminating signal to kill the shell immediately.
+
+--- a/execute_cmd.c
++++ b/execute_cmd.c
+@@ -3624,6 +3624,7 @@ execute_case_command (case_command)
+ 	  free (pattern);
+ 
+ 	  dispose_words (es);
++	  QUIT;
+ 
+ 	  if (match)
+ 	    {
+--- a/patchlevel.h
++++ b/patchlevel.h
+@@ -25,6 +25,6 @@
+    regexp `^#define[ 	]*PATCHLEVEL', since that's what support/mkversion.sh
+    looks for to find the patch level (for the sccs version string). */
+ 
+-#define PATCHLEVEL 13
++#define PATCHLEVEL 14
+ 
+ #endif /* _PATCHLEVEL_H_ */
+--- a/sig.c
++++ b/sig.c
+@@ -94,6 +94,7 @@ static SigHandler *old_winch = (SigHandl
+ #endif
+ 
+ static void initialize_shell_signals PARAMS((void));
++static void kill_shell PARAMS((int));
+ 
+ void
+ initialize_signals (reinit)
+@@ -486,6 +487,8 @@ restore_sigmask ()
+ #endif
+ }
+ 
++static int handling_termsig = 0;
++
+ sighandler
+ termsig_sighandler (sig)
+      int sig;
+@@ -532,6 +535,14 @@ termsig_sighandler (sig)
+    sig == terminating_signal)
+     terminate_immediately = 1;
+ 
++  /* If we are currently handling a terminating signal, we have a couple of
++     choices here. We can ignore this second terminating signal and let the
++     shell exit from the first one, or we can exit immediately by killing
++     the shell with this signal. This code implements the latter; to implement
++     the former, replace the kill_shell(sig) with return. */
++  if (handling_termsig)
++    kill_shell (sig);		/* just short-circuit now */
++
+   terminating_signal = sig;
+ 
+   if (terminate_immediately)
+@@ -564,16 +575,13 @@ void
+ termsig_handler (sig)
+      int sig;
+ {
+-  static int handling_termsig = 0;
+-  int i, core;
+-  sigset_t mask;
+-
+   /* Simple semaphore to keep this function from being executed multiple
+      times.  Since we no longer are running as a signal handler, we don't
+      block multiple occurrences of the terminating signals while running. */
+   if (handling_termsig)
+     return;
+-  handling_termsig = 1;
++
++  handling_termsig = terminating_signal;	/* for termsig_sighandler */
+   terminating_signal = 0;	/* keep macro from re-testing true. */
+ 
+   /* I don't believe this condition ever tests true. */
+@@ -613,6 +621,16 @@ termsig_handler (sig)
+ 
+   run_exit_trap ();	/* XXX - run exit trap possibly in signal context? */
+ 
++  kill_shell (sig);
++}
++
++static void
++kill_shell (sig)
++     int sig;
++{
++  int i, core;
++  sigset_t mask;
++
+   /* We don't change the set of blocked signals. If a user starts the shell
+      with a terminating signal blocked, we won't get here (and if by some
+      magic chance we do, we'll exit below). What we do is to restore the
diff --git a/debian/patches/bash52-015.diff b/debian/patches/bash52-015.diff
new file mode 100644
index 0000000..c4ccaf0
--- /dev/null
+++ b/debian/patches/bash52-015.diff
@@ -0,0 +1,169 @@
+			     BASH PATCH REPORT
+			     =================
+
+Bash-Release:	5.2
+Patch-ID:	bash52-015
+
+Bug-Reported-by:	Frode Nordahl <frode.nordahl@canonical.com>
+Bug-Reference-ID:	<20221119070714.351759-1-frode.nordahl@canonical.com>
+Bug-Reference-URL:	https://lists.gnu.org/archive/html/bug-bash/2022-11/msg00078.html
+
+Bug-Description:
+
+There are several cases where bash is too aggressive when optimizing out forks
+in subshells. For example, `eval' and traps should never be optimized.
+
+--- a/builtins/common.h
++++ b/builtins/common.h
+@@ -51,6 +51,7 @@ do { \
+ #define SEVAL_FUNCDEF	0x080		/* only allow function definitions */
+ #define SEVAL_ONECMD	0x100		/* only allow a single command */
+ #define SEVAL_NOHISTEXP	0x200		/* inhibit history expansion */
++#define SEVAL_NOOPTIMIZE 0x400		/* don't try to set optimization flags */
+ 
+ /* Flags for describe_command, shared between type.def and command.def */
+ #define CDESC_ALL		0x001	/* type -a */
+--- a/builtins/eval.def
++++ b/builtins/eval.def
+@@ -53,5 +53,5 @@ eval_builtin (list)
+     return (EX_USAGE);
+   list = loptend;	/* skip over possible `--' */
+ 
+-  return (list ? evalstring (string_list (list), "eval", SEVAL_NOHIST) : EXECUTION_SUCCESS);
++  return (list ? evalstring (string_list (list), "eval", SEVAL_NOHIST|SEVAL_NOOPTIMIZE) : EXECUTION_SUCCESS);
+ }
+--- a/builtins/evalstring.c
++++ b/builtins/evalstring.c
+@@ -132,8 +132,8 @@ optimize_connection_fork (command)
+   if (command->type == cm_connection &&
+       (command->value.Connection->connector == AND_AND || command->value.Connection->connector == OR_OR || command->value.Connection->connector == ';') &&
+       (command->value.Connection->second->flags & CMD_TRY_OPTIMIZING) &&
+-      ((startup_state == 2 && should_suppress_fork (command->value.Connection->second)) ||
+-       ((subshell_environment & SUBSHELL_PAREN) && should_optimize_fork (command->value.Connection->second, 0))))
++      (should_suppress_fork (command->value.Connection->second) ||
++      ((subshell_environment & SUBSHELL_PAREN) && should_optimize_fork (command->value.Connection->second, 0))))
+     {
+       command->value.Connection->second->flags |= CMD_NO_FORK;
+       command->value.Connection->second->value.Simple->flags |= CMD_NO_FORK;
+@@ -290,6 +290,7 @@ parse_prologue (string, flags, tag)
+    	(flags & SEVAL_NOFREE) -> don't free STRING when finished
+    	(flags & SEVAL_RESETLINE) -> reset line_number to 1
+    	(flags & SEVAL_NOHISTEXP) -> history_expansion_inhibited -> 1
++   	(flags & SEVAL_NOOPTIMIZE) -> don't try to turn on optimizing flags
+ */
+ 
+ int
+@@ -502,7 +503,9 @@ parse_and_execute (string, from_file, fl
+ 		 if we are at the end of the command string, the last in a
+ 		 series of connection commands is
+ 		 command->value.Connection->second. */
+-	      else if (command->type == cm_connection && can_optimize_connection (command))
++	      else if (command->type == cm_connection &&
++		       (flags & SEVAL_NOOPTIMIZE) == 0 &&
++		       can_optimize_connection (command))
+ 		{
+ 		  command->value.Connection->second->flags |= CMD_TRY_OPTIMIZING;
+ 		  command->value.Connection->second->value.Simple->flags |= CMD_TRY_OPTIMIZING;
+--- a/execute_cmd.c
++++ b/execute_cmd.c
+@@ -1654,7 +1654,8 @@ execute_in_subshell (command, asynchrono
+      subshell sets an exit trap, so we set CMD_NO_FORK for simple commands
+      and set CMD_TRY_OPTIMIZING for simple commands on the right side of an
+      and-or or `;' list to test for optimizing forks when they are executed. */
+-  if (user_subshell && command->type == cm_subshell)
++  if (user_subshell && command->type == cm_subshell &&
++      (command->flags & (CMD_TIME_PIPELINE|CMD_INVERT_RETURN)) == 0)
+     optimize_subshell_command (command->value.Subshell->command);
+ 
+   /* Do redirections, then dispose of them before recursive call. */
+--- a/jobs.c
++++ b/jobs.c
+@@ -4220,7 +4220,7 @@ run_sigchld_trap (nchild)
+   jobs_list_frozen = 1;
+   for (i = 0; i < nchild; i++)
+     {
+-      parse_and_execute (savestring (trap_command), "trap", SEVAL_NOHIST|SEVAL_RESETLINE);
++      parse_and_execute (savestring (trap_command), "trap", SEVAL_NOHIST|SEVAL_RESETLINE|SEVAL_NOOPTIMIZE);
+     }
+ 
+   run_unwind_frame ("SIGCHLD trap");
+--- a/parse.y
++++ b/parse.y
+@@ -2827,7 +2827,7 @@ execute_variable_command (command, vname
+   if (last_lastarg)
+     last_lastarg = savestring (last_lastarg);
+ 
+-  parse_and_execute (savestring (command), vname, SEVAL_NONINT|SEVAL_NOHIST);
++  parse_and_execute (savestring (command), vname, SEVAL_NONINT|SEVAL_NOHIST|SEVAL_NOOPTIMIZE);
+ 
+   restore_parser_state (&ps);
+   bind_variable ("_", last_lastarg, 0);
+--- a/patchlevel.h
++++ b/patchlevel.h
+@@ -25,6 +25,6 @@
+    regexp `^#define[ 	]*PATCHLEVEL', since that's what support/mkversion.sh
+    looks for to find the patch level (for the sccs version string). */
+ 
+-#define PATCHLEVEL 14
++#define PATCHLEVEL 15
+ 
+ #endif /* _PATCHLEVEL_H_ */
+--- a/trap.c
++++ b/trap.c
+@@ -304,6 +304,7 @@ run_pending_traps ()
+   sh_parser_state_t pstate;
+   volatile int save_return_catch_flag, function_code;
+   procenv_t save_return_catch;
++  char *trap_command, *old_trap;
+ #if defined (ARRAY_VARS)
+   ARRAY *ps;
+ #endif
+@@ -419,6 +420,9 @@ run_pending_traps ()
+ 	    }
+ 	  else
+ 	    {
++	      old_trap = trap_list[sig];
++	      trap_command = savestring (old_trap);
++
+ 	      save_parser_state (&pstate);
+ 	      save_subst_varlist = subst_assign_varlist;
+ 	      subst_assign_varlist = 0;
+@@ -441,7 +445,8 @@ run_pending_traps ()
+ 		}
+ 
+ 	      if (function_code == 0)
+-		x = parse_and_execute (savestring (trap_list[sig]), "trap", SEVAL_NONINT|SEVAL_NOHIST|SEVAL_RESETLINE);
++	        /* XXX is x always last_command_exit_value? */
++		x = parse_and_execute (trap_command, "trap", SEVAL_NONINT|SEVAL_NOHIST|SEVAL_RESETLINE|SEVAL_NOOPTIMIZE);
+ 	      else
+ 		{
+ 		  parse_and_execute_cleanup (sig + 1);	/* XXX - could use -1 */
+@@ -1002,7 +1007,7 @@ run_exit_trap ()
+       if (code == 0 && function_code == 0)
+ 	{
+ 	  reset_parser ();
+-	  parse_and_execute (trap_command, "exit trap", SEVAL_NONINT|SEVAL_NOHIST|SEVAL_RESETLINE);
++	  parse_and_execute (trap_command, "exit trap", SEVAL_NONINT|SEVAL_NOHIST|SEVAL_RESETLINE|SEVAL_NOOPTIMIZE);
+ 	}
+       else if (code == ERREXIT)
+ 	retval = last_command_exit_value;
+@@ -1109,7 +1114,7 @@ _run_trap_internal (sig, tag)
+ 	  function_code = setjmp_nosigs (return_catch);
+ 	}
+ 
+-      flags = SEVAL_NONINT|SEVAL_NOHIST;
++      flags = SEVAL_NONINT|SEVAL_NOHIST|SEVAL_NOOPTIMIZE;
+       if (sig != DEBUG_TRAP && sig != RETURN_TRAP && sig != ERROR_TRAP)
+ 	flags |= SEVAL_RESETLINE;
+       evalnest++;
+--- a/y.tab.c
++++ b/y.tab.c
+@@ -5138,7 +5138,7 @@ execute_variable_command (command, vname
+   if (last_lastarg)
+     last_lastarg = savestring (last_lastarg);
+ 
+-  parse_and_execute (savestring (command), vname, SEVAL_NONINT|SEVAL_NOHIST);
++  parse_and_execute (savestring (command), vname, SEVAL_NONINT|SEVAL_NOHIST|SEVAL_NOOPTIMIZE);
+ 
+   restore_parser_state (&ps);
+   bind_variable ("_", last_lastarg, 0);
diff --git a/debian/patches/bashbug-editor.diff b/debian/patches/bashbug-editor.diff
new file mode 100644
index 0000000..3b751b6
--- /dev/null
+++ b/debian/patches/bashbug-editor.diff
@@ -0,0 +1,12 @@
+# DP: send bug reports to Debian bash maintainer too.
+
+--- a/support/bashbug.sh
++++ b/support/bashbug.sh
+@@ -117,6 +117,7 @@
+ 		esac ;;
+ esac
+ 
++BUGBASH="${BUGBASH},bash@packages.debian.org"
+ BUGADDR="${1-$BUGBASH}"
+ 
+ if [ -z "$DEFEDITOR" ] && [ -z "$EDITOR" ]; then
diff --git a/debian/patches/deb-bash-config.diff b/debian/patches/deb-bash-config.diff
new file mode 100644
index 0000000..5b487cc
--- /dev/null
+++ b/debian/patches/deb-bash-config.diff
@@ -0,0 +1,52 @@
+# DP: Changed compile time configuration options:
+# DP: 
+# DP: - Set the default path to comply with Debian policy
+# DP: 
+# DP: - Enable System-wide .bashrc file for interactive shells.
+# DP: 
+# DP: - Enable System-wide .bash.logout  file for interactive shells.
+# DP: 
+# DP: - make non-interactive shells begun with argv[0][0] == '-'
+# DP:   run the startup files when not in posix mode.
+# DP: 
+# DP: - try to check whether bash is being run by sshd and source
+# DP:   the .bashrc if so (like the rshd behavior).
+# DP: 
+# DP: - don't define a default DEFAULT_MAIL_DIRECTORY, because it
+# DP:   can cause a timeout on NFS mounts.
+
+--- a/config-bot.h
++++ b/config-bot.h
+@@ -204,4 +204,4 @@
+ /******************************************************************/
+ 
+ /* If you don't want bash to provide a default mail file to check. */
+-/* #undef DEFAULT_MAIL_DIRECTORY */
++#undef DEFAULT_MAIL_DIRECTORY
+--- a/config-top.h
++++ b/config-top.h
+@@ -97,20 +97,20 @@
+ #define DEFAULT_BASHRC "~/.bashrc"
+ 
+ /* System-wide .bashrc file for interactive shells. */
+-/* #define SYS_BASHRC "/etc/bash.bashrc" */
++#define SYS_BASHRC "/etc/bash.bashrc"
+ 
+ /* System-wide .bash_logout for login shells. */
+-/* #define SYS_BASH_LOGOUT "/etc/bash.bash_logout" */
++#define SYS_BASH_LOGOUT "/etc/bash.bash_logout"
+ 
+ /* Define this to make non-interactive shells begun with argv[0][0] == '-'
+    run the startup files when not in posix mode. */
+-/* #define NON_INTERACTIVE_LOGIN_SHELLS */
++#define NON_INTERACTIVE_LOGIN_SHELLS
+ 
+ /* Define this if you want bash to try to check whether it's being run by
+    sshd and source the .bashrc if so (like the rshd behavior).  This checks
+    for the presence of SSH_CLIENT or SSH2_CLIENT in the initial environment,
+    which can be fooled under certain not-uncommon circumstances. */
+-/* #define SSH_SOURCE_BASHRC */
++#define SSH_SOURCE_BASHRC
+ 
+ /* Define if you want the case-toggling operators (~[~]) and the
+    `capcase' variable attribute (declare -c). */
diff --git a/debian/patches/deb-examples.diff b/debian/patches/deb-examples.diff
new file mode 100644
index 0000000..77c2d0d
--- /dev/null
+++ b/debian/patches/deb-examples.diff
@@ -0,0 +1,14 @@
+# DP: document readline header location on Debian systems
+
+--- a/examples/loadables/README
++++ b/examples/loadables/README
+@@ -40,6 +40,9 @@ rest of the example builtins. It's inten
+ that can be modified or included to help you build your own loadables
+ without having to search for the right CFLAGS and LDFLAGS.
+ 
++On Debian GNU/Linux systems, the bash headers are in /usr/include/bash.
++The appropriate options are already set in the example Makefile.
++
+ basename.c	Return non-directory portion of pathname.
+ cat.c		cat(1) replacement with no options - the way cat was intended.
+ csv.c		Process a line of csv data and store it in an indexed array.
diff --git a/debian/patches/exec-redirections-doc.diff b/debian/patches/exec-redirections-doc.diff
new file mode 100644
index 0000000..52cfc41
--- /dev/null
+++ b/debian/patches/exec-redirections-doc.diff
@@ -0,0 +1,25 @@
+--- a/doc/bash.1
++++ b/doc/bash.1
+@@ -4121,6 +4121,10 @@ A failure to open or create a file cause
+ Redirections using file descriptors greater than 9 should be used with
+ care, as they may conflict with file descriptors the shell uses
+ internally.
++.PP
++Note that the
++.B exec
++builtin command can make redirections take effect in the current shell.
+ .SS Redirecting Input
+ Redirection of input causes the file whose name results from
+ the expansion of
+--- a/doc/bashref.texi
++++ b/doc/bashref.texi
+@@ -3044,6 +3044,9 @@ Redirections using file descriptors grea
+ care, as they may conflict with file descriptors the shell uses
+ internally.
+ 
++Note that the @code{exec} builtin command can make redirections take
++effect in the current shell.
++
+ @subsection Redirecting Input
+ Redirection of input causes the file whose name results from
+ the expansion of @var{word}
diff --git a/debian/patches/input-err.diff b/debian/patches/input-err.diff
new file mode 100644
index 0000000..874d3e2
--- /dev/null
+++ b/debian/patches/input-err.diff
@@ -0,0 +1,15 @@
+# DP: Define PGRP_PIPE to avoid race condition.
+
+Index: b/input.c
+===================================================================
+--- a/input.c
++++ b/input.c
+@@ -517,7 +517,7 @@ b_fill_buffer (bp)
+       if (nr == 0)
+ 	bp->b_flag |= B_EOF;
+       else
+-	bp->b_flag |= B_ERROR;
++	fatal_error("error reading input file: %s", strerror(errno));
+       return (EOF);
+     }
+ 
diff --git a/debian/patches/man-arithmetic.diff b/debian/patches/man-arithmetic.diff
new file mode 100644
index 0000000..efef19c
--- /dev/null
+++ b/debian/patches/man-arithmetic.diff
@@ -0,0 +1,14 @@
+# DP: document deprecated syntax for arithmetic evaluation.
+
+--- a/doc/bash.1
++++ b/doc/bash.1
+@@ -3580,6 +3580,9 @@ and the substitution of the result.  The
+ \fB$((\fP\fIexpression\fP\fB))\fP
+ .RE
+ .PP
++The old format \fB$[\fP\fIexpression\fP\fB]\fP is deprecated and will
++be removed in upcoming versions of bash.
++.PP
+ The
+ .I expression
+ undergoes the same expansions
diff --git a/debian/patches/man-bashlogout.diff b/debian/patches/man-bashlogout.diff
new file mode 100644
index 0000000..73a4f6a
--- /dev/null
+++ b/debian/patches/man-bashlogout.diff
@@ -0,0 +1,14 @@
+# DP: document /etc/bash.bashrc in bash man page
+
+--- a/doc/bash.1
++++ b/doc/bash.1
+@@ -11576,6 +11576,9 @@ The systemwide initialization file, exec
+ .FN /etc/bash.bashrc
+ The systemwide per-interactive-shell startup file
+ .TP
++.FN /etc/bash.bash.logout
++The systemwide login shell cleanup file, executed when a login shell exits
++.TP
+ .FN ~/.bash_profile
+ The personal initialization file, executed for login shells
+ .TP
diff --git a/debian/patches/man-bashrc.diff b/debian/patches/man-bashrc.diff
new file mode 100644
index 0000000..300d3eb
--- /dev/null
+++ b/debian/patches/man-bashrc.diff
@@ -0,0 +1,65 @@
+# DP: document /etc/bash.bashrc in bash man page
+
+--- a/doc/bash.1
++++ b/doc/bash.1
+@@ -187,7 +187,9 @@ Display a usage message on standard outp
+ .PD
+ Execute commands from
+ .I file
+-instead of the standard personal initialization file
++instead of the system wide initialization file
++.I /etc/bash.bashrc
++and the standard personal initialization file
+ .I ~/.bashrc
+ if the shell is interactive (see
+ .SM
+@@ -218,7 +220,9 @@ reads these files when it is invoked as
+ below).
+ .TP
+ .B \-\-norc
+-Do not read and execute the personal initialization file
++Do not read and execute the system wide initialization file
++.I /etc/bash.bashrc
++and the personal initialization file
+ .I ~/.bashrc
+ if the shell is interactive.
+ This option is on by default if the shell is invoked as
+@@ -333,13 +337,15 @@ exists.
+ .PP
+ When an interactive shell that is not a login shell is started,
+ .B bash
+-reads and executes commands from \fI~/.bashrc\fP, if that file exists.
++reads and executes commands from \fI/etc/bash.bashrc\fP and \fI~/.bashrc\fP,
++if these files exist.
+ This may be inhibited by using the
+ .B \-\-norc
+ option.
+ The \fB\-\-rcfile\fP \fIfile\fP option will force
+ .B bash
+-to read and execute commands from \fIfile\fP instead of \fI~/.bashrc\fP.
++to read and execute commands from \fIfile\fP instead of
++\fI/etc/bash.bashrc\fP and \fI~/.bashrc\fP.
+ .PP
+ When
+ .B bash
+@@ -426,8 +432,8 @@ or the secure shell daemon \fIsshd\fP.
+ If
+ .B bash
+ determines it is being run non-interactively in this fashion,
+-it reads and executes commands from \fI~/.bashrc\fP,
+-if that file exists and is readable.
++it reads and executes commands from \fI/etc/bash.bashrc\fP and \fI~/.bashrc\fP,
++if these files exist and are readable.
+ It will not do this if invoked as \fBsh\fP.
+ The
+ .B \-\-norc
+@@ -11581,6 +11587,9 @@ The \fBbash\fP executable
+ .FN /etc/profile
+ The systemwide initialization file, executed for login shells
+ .TP
++.FN /etc/bash.bashrc
++The systemwide per-interactive-shell startup file
++.TP
+ .FN ~/.bash_profile
+ The personal initialization file, executed for login shells
+ .TP
diff --git a/debian/patches/man-fignore.diff b/debian/patches/man-fignore.diff
new file mode 100644
index 0000000..1c52365
--- /dev/null
+++ b/debian/patches/man-fignore.diff
@@ -0,0 +1,15 @@
+# DP: bash(1): mention quoting when assigning to FIGNORE
+
+--- a/doc/bash.1
++++ b/doc/bash.1
+@@ -2220,7 +2220,9 @@ A filename whose suffix matches one of t
+ is excluded from the list of matched filenames.
+ A sample value is
+ .if t \f(CW".o:~"\fP.
+-.if n ".o:~".
++.if n ".o:~"
++(Quoting is needed when assigning a value to this variable,
++which contains tildes).
+ .TP
+ .B FUNCNEST
+ If set to a numeric value greater than 0, defines a maximum function
diff --git a/debian/patches/man-macro-warnings.diff b/debian/patches/man-macro-warnings.diff
new file mode 100644
index 0000000..60497ce
--- /dev/null
+++ b/debian/patches/man-macro-warnings.diff
@@ -0,0 +1,53 @@
+# DP: Move definition of the macro "FN" out of the region of the "ig"
+# DP: macro.  Define macros and registers "zZ" and "zY".
+
+--- a/doc/bash.1
++++ b/doc/bash.1
+@@ -8,6 +8,22 @@
+ .\"	Last Change: Mon Sep 19 11:13:21 EDT 2022
+ .\"
+ .\" bash_builtins, strip all but Built-Ins section
++.de zZ
++..
++.de zY
++..
++.\"
++.\" File Name macro.  This used to be `.PN', for Path Name,
++.\" but Sun doesn't seem to like that very much.
++.\"
++.de FN
++\fI\|\\$1\|\fP
++..
++.\" Number register zZ is defined in bash-builtins(7)
++.\" Number register zY is defined in rbash(1)
++.\" This man-page is included in them
++.if !rzZ .nr zZ 0 \" avoid a warning about an undefined register
++.if !rzY .nr zY 0 \" avoid a warning about an undefined register
+ .if \n(zZ=1 .ig zZ
+ .if \n(zY=1 .ig zY
+ .TH BASH 1 "2022 September 19" "GNU Bash 5.2"
+@@ -36,13 +52,6 @@
+ .\" .el \\*(]X\h|\\n()Iu+\\n()Ru\c
+ .\" .}f
+ .\" ..
+-.\"
+-.\" File Name macro.  This used to be `.PN', for Path Name,
+-.\" but Sun doesn't seem to like that very much.
+-.\"
+-.de FN
+-\fI\|\\$1\|\fP
+-..
+ .SH NAME
+ bash \- GNU Bourne-Again SHell
+ .SH SYNOPSIS
+@@ -2530,8 +2539,8 @@ and is set by the administrator who inst
+ .BR bash .
+ A common value is
+ .na
+-.if t \f(CW/usr/local/bin:/usr/local/sbin:/usr/bin:/usr/sbin:/bin:/sbin\fP.
+-.if n ``/usr/local/bin:/usr/local/sbin:/usr/bin:/usr/sbin:/bin:/sbin''.
++.if t \f(CW/usr/local/bin:\:/usr/local/sbin:\:/usr/bin:\:/usr/sbin:\:/bin:\:/sbin\fP.
++.if n ``/usr/local/bin:\:/usr/local/sbin:\:/usr/bin:\:/usr/sbin:\:/bin:\:/sbin''.
+ .ad
+ .TP
+ .B POSIXLY_CORRECT
diff --git a/debian/patches/man-nocaseglob.diff b/debian/patches/man-nocaseglob.diff
new file mode 100644
index 0000000..92c4c84
--- /dev/null
+++ b/debian/patches/man-nocaseglob.diff
@@ -0,0 +1,15 @@
+# DP: Clarify documentation about case-insensitive pathname expansion
+
+--- a/doc/bash.1
++++ b/doc/bash.1
+@@ -3754,6 +3754,10 @@ If the shell option
+ .B nocaseglob
+ is enabled, the match is performed without regard to the case
+ of alphabetic characters.
++Note that when using range expressions like
++[a-z] (see below), letters of the other case may be included,
++depending on the setting of
++.B LC_COLLATE.
+ When a pattern is used for pathname expansion,
+ the character
+ .B ``.''
diff --git a/debian/patches/man-test.diff b/debian/patches/man-test.diff
new file mode 100644
index 0000000..ca7a5a1
--- /dev/null
+++ b/debian/patches/man-test.diff
@@ -0,0 +1,17 @@
+# DP: document conditional file expressions acting on the target of
+# DP: symbolic links as well (except -h, -L).
+
+Index: b/builtins/test.def
+===================================================================
+--- a/builtins/test.def
++++ b/builtins/test.def
+@@ -64,6 +64,9 @@ File operators:
+ 
+   FILE1 -ef FILE2  True if file1 is a hard link to file2.
+ 
++All file operators except -h and -L are acting on the target of a symbolic
++link, not on the symlink itself, if FILE is a symbolic link.
++
+ String operators:
+ 
+   -z STRING      True if string is empty.
diff --git a/debian/patches/man-test2.diff b/debian/patches/man-test2.diff
new file mode 100644
index 0000000..6271a25
--- /dev/null
+++ b/debian/patches/man-test2.diff
@@ -0,0 +1,40 @@
+# DP: Document handling of parameters of the test builtin.
+
+--- a/builtins/test.def
++++ b/builtins/test.def
+@@ -100,6 +100,9 @@ Arithmetic binary operators return true
+ less-than, less-than-or-equal, greater-than, or greater-than-or-equal
+ than ARG2.
+ 
++See the bash manual page bash(1) for the handling of parameters (i.e.
++missing parameters).
++
+ Exit Status:
+ Returns success if EXPR evaluates to true; fails if EXPR evaluates to
+ false or an invalid argument is given.
+--- a/doc/bash.1
++++ b/doc/bash.1
+@@ -732,6 +732,10 @@ as primaries.
+ .if n .sp 1
+ When used with \fB[[\fP, the \fB<\fP and \fB>\fP operators sort
+ lexicographically using the current locale.
++.PP
++See the description of the \fItest\fP builtin command (section SHELL
++BUILTIN COMMANDS below) for the handling of parameters (i.e.
++missing parameters).
+ .if t .sp 0.5
+ .if n .sp 1
+ When the \fB==\fP and \fB!=\fP operators are used, the string to the
+--- a/doc/bashref.texi
++++ b/doc/bashref.texi
+@@ -7322,6 +7322,10 @@ The @code{test} command uses ASCII order
+ Unless otherwise specified, primaries that operate on files follow symbolic
+ links and operate on the target of the link, rather than the link itself.
+ 
++See the description of the @code{test} builtin command (section
++@pxref{Bash Builtins} below) for the handling of parameters
++(i.e. missing parameters).
++
+ @table @code
+ @item -a @var{file}
+ True if @var{file} exists.
diff --git a/debian/patches/man-vx-opts.diff b/debian/patches/man-vx-opts.diff
new file mode 100644
index 0000000..9354fe6
--- /dev/null
+++ b/debian/patches/man-vx-opts.diff
@@ -0,0 +1,19 @@
+# DP: document -v / -x options
+
+Index: b/doc/bash.1
+===================================================================
+--- a/doc/bash.1
++++ b/doc/bash.1
+@@ -131,6 +131,12 @@ This option allows the positional parame
+ when invoking an interactive shell or when reading input
+ through a pipe.
+ .TP
++.B \-v
++Print shell input lines as they are read.
++.TP
++.B \-x
++Print commands and their arguments as they are executed.
++.TP
+ .B \-D
+ A list of all double-quoted strings preceded by \fB$\fP
+ is printed on the standard output.
diff --git a/debian/patches/no-brk-caching.diff b/debian/patches/no-brk-caching.diff
new file mode 100644
index 0000000..dc4ba85
--- /dev/null
+++ b/debian/patches/no-brk-caching.diff
@@ -0,0 +1,47 @@
+# DP: Don't cache the value of brk between sbrk calls.
+
+--- a/lib/malloc/malloc.c
++++ b/lib/malloc/malloc.c
+@@ -227,8 +227,6 @@
+ static int pagebucket;	/* bucket for requests a page in size */
+ static int maxbuck;	/* highest bucket receiving allocation request. */
+ 
+-static char *memtop;	/* top of heap */
+-
+ static const unsigned long binsizes[NBUCKETS] = {
+ 	8UL, 16UL, 32UL, 64UL, 128UL, 256UL, 512UL, 1024UL, 2048UL, 4096UL,
+ 	8192UL, 16384UL, 32768UL, 65536UL, 131072UL, 262144UL, 524288UL,
+@@ -538,7 +536,6 @@
+   siz = binsize (nu);
+   /* Should check for errors here, I guess. */
+   sbrk (-siz);
+-  memtop -= siz;
+ 
+ #ifdef MALLOC_STATS
+   _mstats.nsbrk++;
+@@ -633,8 +630,6 @@
+   if ((long)mp == -1)
+     goto morecore_done;
+ 
+-  memtop += sbrk_amt;
+-
+   /* shouldn't happen, but just in case -- require 8-byte alignment */
+   if ((long)mp & MALIGN_MASK)
+     {
+@@ -684,7 +679,7 @@
+      Some of this partial page will be wasted space, but we'll use as
+      much as we can.  Once we figure out how much to advance the break
+      pointer, go ahead and do it. */
+-  memtop = curbrk = sbrk (0);
++  curbrk = sbrk (0);
+   sbrk_needed = pagesz - ((long)curbrk & (pagesz - 1));	/* sbrk(0) % pagesz */
+   if (sbrk_needed < 0)
+     sbrk_needed += pagesz;
+@@ -699,7 +694,6 @@
+       curbrk = sbrk (sbrk_needed);
+       if ((long)curbrk == -1)
+ 	return -1;
+-      memtop += sbrk_needed;
+ 
+       /* Take the memory which would otherwise be wasted and populate the most
+ 	 popular bin (2 == 32 bytes) with it.  Add whatever we need to curbrk
diff --git a/debian/patches/rbash-manpage.diff b/debian/patches/rbash-manpage.diff
new file mode 100644
index 0000000..0103e61
--- /dev/null
+++ b/debian/patches/rbash-manpage.diff
@@ -0,0 +1,12 @@
+# DP: doc/rbash.1: fix bash(1) reference
+
+--- a/doc/rbash.1
++++ b/doc/rbash.1
+@@ -3,6 +3,6 @@
+ rbash \- restricted bash, see \fBbash\fR(1)
+ .SH RESTRICTED SHELL
+ .nr zY 1
+-.so bash.1
++.so man1/bash.1
+ .SH SEE ALSO
+ bash(1)
diff --git a/debian/patches/series b/debian/patches/series
new file mode 100644
index 0000000..79c2dee
--- /dev/null
+++ b/debian/patches/series
@@ -0,0 +1,35 @@
+#bash52-001.diff
+#bash52-002.diff
+#bash52-003.diff
+#bash52-004.diff
+#bash52-005.diff
+#bash52-006.diff
+#bash52-007.diff
+#bash52-008.diff
+#bash52-009.diff
+#bash52-010.diff
+#bash52-011.diff
+#bash52-012.diff
+#bash52-013.diff
+#bash52-014.diff
+#bash52-015.diff
+bashbug-editor.diff
+deb-bash-config.diff
+deb-examples.diff
+man-arithmetic.diff
+man-fignore.diff
+man-bashrc.diff
+man-bashlogout.diff
+man-nocaseglob.diff
+man-test.diff
+man-test2.diff
+rbash-manpage.diff
+bash-default-editor.diff
+input-err.diff
+exec-redirections-doc.diff
+bash-aliases-repeat.diff
+# no-brk-caching.diff
+use-system-texi2html.diff
+man-macro-warnings.diff
+man-vx-opts.diff
+bash-musl.diff
diff --git a/debian/patches/use-system-texi2html.diff b/debian/patches/use-system-texi2html.diff
new file mode 100644
index 0000000..8aac63e
--- /dev/null
+++ b/debian/patches/use-system-texi2html.diff
@@ -0,0 +1,13 @@
+--- a/doc/Makefile.in
++++ b/doc/Makefile.in
+@@ -70,8 +70,8 @@ TEXINDEX    = texindex
+ TEX	    = tex
+ 
+ MAKEINFO    = makeinfo
+-TEXI2DVI    = ${SUPPORT_SRCDIR}/texi2dvi
+-TEXI2HTML   = ${SUPPORT_SRCDIR}/texi2html
++TEXI2DVI    = texi2dvi
++TEXI2HTML   = texi2html
+ MAN2HTML    = ${BUILD_DIR}/support/man2html
+ HTMLPOST    = ${srcdir}/htmlpost.sh
+ QUIETPS	    = #set this to -q to shut up dvips