Bug#36027: More information on bash compile-time hole
I was too terse with the bug report, sorry. Here are the details:
During ./configure, tests for OPENDIR_NOT_ROBUST and NAMED_PIPES_MISSING may
overwrite files if there is already a symbolic link with the same name in /tmp.
./configure --with-installed-readline executes support/rlvers.sh, which
creates an executable in /tmp and then runs it. Between these events, the
executable may be replaced with a Trojan horse.
None of these are generic bugs, they only affect bash. I'll reassign the bug