diff --git a/bash-4.0-patches.tar.bz2 b/bash-4.0-patches.tar.bz2
index 351be21..894d618 100644
--- a/bash-4.0-patches.tar.bz2
+++ b/bash-4.0-patches.tar.bz2
@@ -1,3 +1,3 @@
 version https://git-lfs.github.com/spec/v1
-oid sha256:64b45587a32f84769d300c251406047bf8ecf8e54eec72281da82913b4ad4b5b
-size 17535
+oid sha256:b64645f66d1d3121f0fc26215a902d5ca5ec6b4d59a14981617fdf69554ce259
+size 18292
diff --git a/bash-4.0-security.patch b/bash-4.0-security.patch
index f140a80..5987424 100644
--- a/bash-4.0-security.patch
+++ b/bash-4.0-security.patch
@@ -1,85 +1,43 @@
-Index: variables.c
-===================================================================
---- variables.c.orig
-+++ variables.c
-@@ -1203,6 +1203,7 @@ init_seconds_var ()
-   return v;      
- }
-      
-+#if !defined(linux)
- /* The random number seed.  You can change this by setting RANDOM. */
- static unsigned long rseed = 1;
+--- variables.c
++++ variables.c	2009-12-04 09:31:06.579929599 +0000
+@@ -1216,6 +1216,7 @@ static unsigned long rseed = 1;
  static int last_random_value;
-@@ -1256,6 +1257,24 @@ seedrand ()
+ static int seeded_subshell = 0;
+ 
++#if !defined(linux)
+ /* A linear congruential random number generator based on the example
+    one in the ANSI C standard.  This one isn't very good, but a more
+    complicated one is overkill. */
+@@ -1264,6 +1265,32 @@ seedrand ()
    sbrand (tv.tv_sec ^ tv.tv_usec ^ getpid ());
  }
  
 +#else
-+
-+static int last_sbrand_pid;
-+
-+static int brand ()
++/* Use ISO C Random Number Functions of the glibc */
++static int
++brand (void)
 +{
-+  return random() & 32767;
-+}
-+
-+static void sbrand (unsigned long seed)
-+{
-+  srandom(seed);
++  if (rseed == 0)
++    seedrand ();
++  return rand() & 32767;
 +}
 +
 +static void
-+seedrand () {}
++sbrand (unsigned long seed)
++{
++  rseed = seed;
++  srand(seed);
++}
++
++static void
++seedrand (void)
++{
++  struct timeval tv;
++  gettimeofday (&tv, NULL);
++  srand (tv.tv_sec ^ tv.tv_usec ^ getpid ());
++}
 +#endif
 +
  static SHELL_VAR *
  assign_random (self, value, unused, key)
       SHELL_VAR *self;
-@@ -1264,8 +1283,10 @@ assign_random (self, value, unused, key)
-      char *key;
- {
-   sbrand (strtoul (value, (char **)NULL, 10));
-+#if !defined(linux)
-   if (subshell_environment)
-     seeded_subshell = getpid ();
-+#endif
-   return (self);
- }
- 
-@@ -1274,6 +1295,7 @@ get_random_number ()
- {
-   int rv, pid;
- 
-+#if !defined(linux)
-   /* Reset for command and process substitution. */
-   pid = getpid ();
-   if (subshell_environment && seeded_subshell != pid)
-@@ -1285,6 +1307,18 @@ get_random_number ()
-   do
-     rv = brand ();
-   while (rv == last_random_value);
-+#else
-+  if (subshell_environment)
-+    {
-+      int mypid = getpid();
-+      if (mypid != last_sbrand_pid)
-+	{
-+	  last_sbrand_pid = mypid;
-+	  sbrand (mypid + NOW);
-+	}
-+    }
-+  rv = brand();
-+#endif
-   return rv;
- }
- 
-@@ -1296,7 +1330,9 @@ get_random (var)
-   char *p;
- 
-   rv = get_random_number ();
-+#if !defined(linux)
-   last_random_value = rv;
-+#endif
-   p = itos (rv);
- 
-   FREE (value_cell (var));
diff --git a/bash.changes b/bash.changes
index dec5b89..0268738 100644
--- a/bash.changes
+++ b/bash.changes
@@ -1,3 +1,24 @@
+-------------------------------------------------------------------
+Sat Dec 12 18:12:02 CET 2009 - jengelh@medozas.de
+
+- add baselibs.conf as a source
+
+-------------------------------------------------------------------
+Fri Dec  4 10:40:02 CET 2009 - werner@suse.de
+
+- Fix bug in bash-4.0-security.patch (bnc#559877)
+
+-------------------------------------------------------------------
+Thu Oct 29 15:23:20 CET 2009 - werner@suse.de
+
+- Update to newest patch level 35
+  * bash incorrectly interprets wildcarded path components between
+    a **/ and the last /
+  * bash incorrectly treated single and double quotes as
+    delimiters rather than introducing quoted strings when
+    splitting the line into words for programmable completion
+    functions
+
 -------------------------------------------------------------------
 Wed Sep 30 13:24:57 CEST 2009 - werner@suse.de
 
diff --git a/bash.spec b/bash.spec
index 6d5976b..54cd79c 100644
--- a/bash.spec
+++ b/bash.spec
@@ -19,7 +19,7 @@
 
 Name:           bash
 BuildRequires:  bison fdupes ncurses-devel
-License:        GPL v2 or later
+License:        GPLv2+
 Group:          System/Shells
 %define         bash_vers 4.0
 %define         rl_vers   6.0
@@ -28,7 +28,7 @@ Recommends:     bash-lang = %bash_vers
 Suggests:       command-not-found
 AutoReqProv:    on
 Version:        4.0
-Release:        17
+Release:        18
 Summary:        The GNU Bourne-Again Shell
 Url:            http://www.gnu.org/software/bash/bash.html
 Source0:        ftp://ftp.gnu.org/gnu/bash/bash-%{bash_vers}.tar.bz2
@@ -39,6 +39,7 @@ Source4:        run-tests
 Source5:        dot.bashrc
 Source6:        dot.profile
 Source7:        bash-rpmlintrc
+Source8:	baselibs.conf
 Patch0:         bash-%{bash_vers}.dif
 Patch1:         bash-2.03-manual.patch
 Patch2:         bash-4.0-security.patch
@@ -85,13 +86,13 @@ Authors:
     Chet Ramey <chet@ins.cwru.edu>
 
 %package -n bash-doc
-License:        GPL v2 or later
+License:        GPLv2+
 Summary:        Documentation how to Use the GNU Bourne-Again Shell
 Group:          Documentation/Man
 Provides:       bash:%{_infodir}/bash.info.gz
 PreReq:         %install_info_prereq
 Version:        4.0
-Release:        17
+Release:        18
 AutoReqProv:    on
 
 %description -n bash-doc
@@ -107,11 +108,11 @@ Authors:
 
 %lang_package(bash)
 %package -n bash-devel
-License:        GPL v2 or later
+License:        GPLv2+
 Summary:        Include Files mandatory for Development of bash loadable builtins
 Group:          Development/Languages/C and C++
 Version:        4.0
-Release:        6
+Release:        7
 AutoReqProv:    on
 
 %description -n bash-devel
@@ -127,11 +128,11 @@ Authors:
     Chet Ramey <chet@ins.cwru.edu>
 
 %package -n bash-loadables
-License:        GPL v2 or later
+License:        GPLv2+
 Summary:        Loadable bash builtins
 Group:          System/Shells
 Version:        4.0
-Release:        6
+Release:        7
 AutoReqProv:    on
 
 %description -n bash-loadables
@@ -195,12 +196,12 @@ Authors:
     Chet Ramey <chet@ins.cwru.edu>
 
 %package -n libreadline6
-License:        GPL v2 or later
+License:        GPLv2+
 Summary:        The Readline Library
 Group:          System/Libraries
 Provides:       bash:/%{_lib}/libreadline.so.%{rl_major}
 Version:        6.0
-Release:        17
+Release:        18
 Recommends:     readline-doc = %{version}
 # bug437293
 %ifarch ppc64
@@ -224,12 +225,12 @@ Authors:
     Chet Ramey <chet@ins.cwru.edu>
 
 %package -n readline-devel
-License:        GPL v2 or later
+License:        GPLv2+
 Summary:        Include Files and Libraries mandatory for Development
 Group:          Development/Libraries/C and C++
 Provides:       bash:%{_libdir}/libreadline.a
 Version:        6.0
-Release:        17
+Release:        18
 Requires:       libreadline6 = %{version}
 Requires:       ncurses-devel
 Recommends:     readline-doc = %{version}
@@ -252,13 +253,13 @@ Authors:
     Chet Ramey <chet@ins.cwru.edu>
 
 %package -n readline-doc
-License:        GPL v2 or later
+License:        GPLv2+
 Summary:        Documentation how to Use and Program with the Readline Library
 Group:          System/Libraries
 Provides:       readline:%{_infodir}/readline.info.gz
 PreReq:         %install_info_prereq
 Version:        6.0
-Release:        17
+Release:        18
 AutoReqProv:    on
 
 %description -n readline-doc