File bash-4.3-CVE20169401-simple-segv.patch of Package bash.4748

No idea why this has become a CVE-2016-9401 as upstream says that
this is not a security bug but a simple segmentation fault, see
https://lists.gnu.org/archive/html/bug-bash/2016-11/msg00116.html

---
 builtins/pushd.def |    7 ++++++-
 1 file changed, 6 insertions(+), 1 deletion(-)

--- builtins/pushd.def
+++ builtins/pushd.def	2017-05-09 08:47:17.564811033 +0000
@@ -359,7 +359,7 @@ popd_builtin (list)
 	break;
     }
 
-  if (which > directory_list_offset || (directory_list_offset == 0 && which == 0))
+  if (which > directory_list_offset || (which < -directory_list_offset) || (directory_list_offset == 0 && which == 0))
     {
       pushd_error (directory_list_offset, which_word ? which_word : "");
       return (EXECUTION_FAILURE);
@@ -381,6 +381,11 @@ popd_builtin (list)
 	 remove that directory from the list and shift the remainder
 	 of the list into place. */
       i = (direction == '+') ? directory_list_offset - which : which;
+      if (i < 0 || i > directory_list_offset)
+	{
+	  pushd_error (directory_list_offset, which_word ? which_word : "");
+	  return (EXECUTION_FAILURE);
+	}
       free (pushd_directory_list[i]);
       directory_list_offset--;