Shortly after the release of Ubuntu 20.04 LTS ksh was reverted back to
version 93u+.
ksh (2020.0.0+really93u+20120801-6) unstable; urgency=high
* v2020 of ksh is no longer being maintained and upstream repository has
been reverted back to the last stable version of 93u+. This update
reverts back the ksh2020 changes back to the original ksh93 from AT&T.
* Patch for CVE-2019-14868 - certain environment variables were
interpreted as arithmetic expressions on startup, leading to code
injection
-- Anuradha Weeraman <[email protected]> Sat, 27 Jun 2020 21:17:32
-0400
It might be possible to create an SRU of ksh to Ubuntu 20.04 LTS that
also reverts it to revision 93u. The SRU process is documented at
https://wiki.ubuntu.com/StableReleaseUpdates.
** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2019-14868
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1918017
Title:
ksh93 problems
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/ksh/+bug/1918017/+subscriptions
--
ubuntu-bugs mailing list
[email protected]
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
