Patch Upstream Report: Red Hat

Here are the patches from Red Hat and what 93u+m has done with them.

Tue Jan 28 2020 Siteshwar Vashisht svashisht@redhat.com - 20120801-38

Do not evaluate arithmetic expressions from environment variables
at startup
Resolves: #1790542

public bug: https://bugzilla.redhat.com/CVE-2019-14868
patched by: https://src.fedoraproject.org/rpms/ksh/blob/642af4d6/f/ksh-20120801-cve-2019-14868.patch
DONE: 593a5a8b

Thu Jan 18 2018 Siteshwar Vashisht svashisht@redhat.com - 20120801-37

Fix a crash due to out of bounds write
Resolves: #1506344

public bug: https://bugzilla.redhat.com/1506344
patched by: https://bugzilla.redhat.com/attachment.cgi?id=1370722&action=diff
DONE: 1477b5ff

Mon Oct 30 2017 Siteshwar Vashisht svashisht@redhat.com - 20120801-36

Add configuration option to enable signal bubbling for backward
compatibility
Resolves: #1454804

public bug: https://bugzilla.redhat.com/1454804
patched by: https://bugzilla.redhat.com/attachment.cgi?id=1317752&action=diff
note: takes an effect only if $_AST_KSH_SIGNAL_BUBBLE is set
ACTUALLY FIXED in: 30aee651

Tue Jun 27 2017 Siteshwar Vashisht svashisht@redhat.com - 20120801-35

Fix a crash during clean up after sourcing multiple files
Resolves: #1437530

public bug: https://bugzilla.redhat.com/1321443
patched by: https://src.fedoraproject.org/rpms/ksh/blob/642af4d6/f/ksh-20120801-dotdoublefree.patch
DONE: a8f6d6b8

Thu May 18 2017 Siteshwar Vashisht svashisht@redhat.com - 20120801-34

Fix a memory leak while creating subshells
Resolves: #1324990

private bug: https://bugzilla.redhat.com/1324990
patched by: https://src.fedoraproject.org/rpms/ksh/blob/642af4d6/f/ksh-20120801-subshell-leak.patch
DONE: 361fe1fc

Fri Jan 08 2016 Michal Hlavinka mhlavink@redhat.com - 20120801-33

ksh crashed when disk was full (#1212992)

public bug: https://bugzilla.redhat.com/1212992
patched by: https://src.fedoraproject.org/rpms/ksh/blob/642af4d6/f/ksh-20140801-diskfull.patch
~~DONE: ceb77b13~~
REVERTED in b7dde4e7 as it caused bug #281. Further testing showed that this patch is redundant as of commit 970069a6 as that also fixes the login crash on disk full.

Thu Nov 26 2015 Michal Hlavinka mhlavink@redhat.com - 20120801-32

fix: in a login shell "( cmd & )" does nothing (#1217236)

public bug: https://bugzilla.redhat.com/1217236
patched by: https://src.fedoraproject.org/rpms/ksh/blob/642af4d6/f/ksh-20120801-nohupfork.patch
DONE (differently): e3d7bf1d

multibyte character string after $1-9 was not expanded correctly
(#1256495)

public bug: https://bugzilla.redhat.com/1256495
patched by: https://src.fedoraproject.org/rpms/ksh/blob/642af4d6/f/ksh-20120801-mb-after-argvar.patch
DONE: 4144f404

case in a for loop inside a subshell caused syntax error (#1241013)

public bug: https://bugzilla.redhat.com/1241013
patched by: https://src.fedoraproject.org/rpms/ksh/blob/642af4d6/f/ksh-20120801-parserfix.patch
DONE: bd283959

Wed Aug 19 2015 Michal Hlavinka mhlavink@redhat.com - 20120801-31

fix another occurrence of previous bug (#1247383)

Wed Aug 12 2015 Michal Hlavinka mhlavink@redhat.com - 20120801-30

do not free constant string trap (#1247383)

public bug: https://bugzilla.redhat.com/1247383
patched by (patch of patch): https://src.fedoraproject.org/rpms/ksh/blob/642af4d6/f/ksh-20120801-trapcom.patch
DUPE: 6193c6a3, a5d38b1d

Tue Jul 07 2015 Michal Hlavinka mhlavink@redhat.com - 20120801-29

prevent null-test optimization in strdup (#1221766)

public bug (not much useful): https://bugzilla.redhat.com/1221766
patched by: https://src.fedoraproject.org/rpms/ksh/blob/642af4d6/f/ksh-20120801-badgcc.patch
DONE: 7afb30e1

Fri Apr 03 2015 Michal Hlavinka mhlavink@redhat.com - 20120801-28

using trap DEBUG could cause segmentation fault (#1200534)

private bug: https://bugzilla.redhat.com/1200534
patched by: https://src.fedoraproject.org/rpms/ksh/blob/642af4d6/f/ksh-20140801-arraylen.patch
DONE: bb15f7fb

Mon Mar 23 2015 Michal Hlavinka mhlavink@redhat.com - 20120801-27

ksh could hang when executed in removed directory (#1204111)

public bug: https://bugzilla.redhat.com/1204111
patched by (patch of patch): https://src.fedoraproject.org/rpms/ksh/blob/642af4d6/f/ksh-20120801-cdfork.patch
note: triggered by a fix for https://bugzilla.redhat.com/1168611
DUPE: f7c3565f

Thu Mar 05 2015 Michal Hlavinka mhlavink@redhat.com - 20120801-26

fix segfault when handling a trap (#1117404)

public bug: https://bugzilla.redhat.com/1117404
patched by: https://src.fedoraproject.org/rpms/ksh/blob/642af4d6/f/ksh-20120801-trapcom.patch
DONE: 6193c6a3, a5d38b1d; fixed off-by-one in 3aee10d7

closing a file descriptor in a command substitution caused loss of
the output (#1116072)

public bug: https://bugzilla.redhat.com/1116072
patched by: https://src.fedoraproject.org/rpms/ksh/blob/642af4d6/f/ksh-20140929-safefd.patch
DONE: 045fe6a1

Fri Feb 13 2015 Michal Hlavinka mhlavink@redhat.com - 20120801-25

combining alarm and IFS caused segfault (#1176670)

public bug: https://bugzilla.redhat.com/1176670
patched by: https://src.fedoraproject.org/rpms/ksh/blob/642af4d6/f/ksh-20120801-alarmifs.patch
DONE: 18b3f4aa, part reverted in f033bb03

Thu Feb 12 2015 Michal Hlavinka mhlavink@redhat.com - 20120801-24

cd to directory without execution permission can't fail silently
(#1160923)

private bug: https://bugzilla.redhat.com/1160923
patched by: https://src.fedoraproject.org/rpms/ksh/blob/642af4d6/f/ksh-20120801-noexeccdfix.patch
(on cold ice) new ‘cd’ (#5/5)

current directory could differ from PWD (#1168611)

public bug: https://bugzilla.redhat.com/1168611
patched by: https://src.fedoraproject.org/rpms/ksh/blob/642af4d6/f/ksh-20120801-cdfork.patch
DONE: f7c3565f

declaration of a two dimensional associative array could add an
extra 0 element (#1173668)

public bug: https://bugzilla.redhat.com/1173668
patched by: https://src.fedoraproject.org/rpms/ksh/blob/642af4d6/f/ksh-20120801-emptyarrayinit.patch
DONE: 02a14ff9

exporting fixed with variable corrupted its data (#1188377)

public bug: https://bugzilla.redhat.com/1188377
patched by: https://src.fedoraproject.org/rpms/ksh/blob/642af4d6/f/ksh-20120801-xufix.patch
DONE: fdb9781e, improved in: 95fe07d8, 0e4c4d61

fixes memory leak on unset of associative array (#1189294)

public bug: https://bugzilla.redhat.com/1189294
patched by: https://src.fedoraproject.org/rpms/ksh/blob/642af4d6/f/ksh-20120801-assoc-unset-leak.patch
DONE: e70925ce

Thu Feb 12 2015 Michal Hlavinka mhlavink@redhat.com - 20120801-23

do not inherit invalid variables during shell initializaton (#1147645)

public bug: https://bugzilla.redhat.com/1147645
patched by: https://src.fedoraproject.org/rpms/ksh/blob/642af4d6/f/ksh-20120801-oldenvinit.patch
DONE: 960a1a99

Thu Oct 02 2014 Michal Hlavinka mhlavink@redhat.com - 20120801-22

ksh hangs when command substitution containing pipe fills out the
pipe buffer (#1138751)

public bug: https://bugzilla.redhat.com/1138751
patched by (patch of patch): https://src.fedoraproject.org/rpms/ksh/blob/642af4d6/f/
DUPE: 4ce486a7; regress test added: 95225e1e; superseded: 42becab6

Tue Sep 02 2014 Michal Hlavinka mhlavink@redhat.com - 20120801-21

the last patch was not applied correctly (#1116508)

Tue Sep 02 2014 Michal Hlavinka mhlavink@redhat.com - 20120801-20

return code from a function could be wrong (#1116508)

public bug: https://bugzilla.redhat.com/1116508
patched by: https://src.fedoraproject.org/rpms/ksh/blob/642af4d6/f/ksh-20120801-retfix.patch
DONE: 7e6bbf85

Wed Aug 27 2014 Michal Hlavinka mhlavink@redhat.com - 20120801-19

cd builtin could break IO redirection (#1133582)

public bug: https://bugzilla.redhat.com/1133582
patched by: https://src.fedoraproject.org/rpms/ksh/blob/642af4d6/f/ksh-20130613-cdfix4.patch
(on cold ice) new ‘cd’ (#4/5)

Fri Jul 25 2014 Michal Hlavinka mhlavink@redhat.com - 20120801-18

job locking mechanism did not survive compiler optimization (#1112306)

public bug: https://bugzilla.redhat.com/1112306
patched by: https://src.fedoraproject.org/rpms/ksh/blob/642af4d6/f/ksh-20120801-locking.patch
DONE better in: c258a04f

wrong return code from a pipe in command substitution (#1117316)

public bug: https://bugzilla.redhat.com/1117316
patched by (patch of patch): https://src.fedoraproject.org/rpms/ksh/blob/642af4d6/f/ksh-20120801-crash.patch
DUPE: ce68e1be

Fri Jun 20 2014 Michal Hlavinka mhlavink@redhat.com - 20120801-17

do not crash when unsetting running function from another one
(#1105138)

private bug: https://bugzilla.redhat.com/1105138
patched by: https://src.fedoraproject.org/rpms/ksh/blob/642af4d6/f/ksh-20120801-fununset.patch
DONE (better): b7932e87, c382cea1

should report an error when trying to cd into directory without
execution bit (#1102627)

public bug: https://bugzilla.redhat.com/1102627
patched by: https://src.fedoraproject.org/rpms/ksh/blob/642af4d6/f/ksh-20120801-cdfix3.patch
(on cold ice) new ‘cd’ (#3/5)

Wed May 21 2014 Michal Hlavinka mhlavink@redhat.com - 20120801-16

do not resend signal on termination (#1075635)

public bug: https://bugzilla.redhat.com/1075635
patched by: https://src.fedoraproject.org/rpms/ksh/blob/642af4d6/f/ksh-20120801-sufix.patch
DONE: 352e68da

fix argv rewrite (#1047506)

private bug: https://bugzilla.redhat.com/1047506
patched by: https://src.fedoraproject.org/rpms/ksh/blob/642af4d6/f/ksh-20120801-argvfix.patch
DONE (better): cefe087d, 159fb9ee

fix brace expansion on/off (#1078698)

private bug: https://bugzilla.redhat.com/1078698
patched by: https://src.fedoraproject.org/rpms/ksh/blob/642af4d6/f/ksh-20140301-fikspand.patch
DONE: a14d17c0

fix incorrect rounding of numbers 0.5 < |x| <1.0 in printf (#1070350)

private bug: https://bugzilla.redhat.com/1070350
patched by: https://src.fedoraproject.org/rpms/ksh/blob/642af4d6/f/ksh-20120801-roundit.patch
DONE much better by hyenias: d7c90ead

fix parser errors related to the end of the here-document marker
(#1036931)

private bug: https://bugzilla.redhat.com/1036931
patched by: https://src.fedoraproject.org/rpms/ksh/blob/642af4d6/f/ksh-20120801-heresub.patch
DONE: 6e515f1d

ksh hangs when command substitution fills out the pipe buffer
(#1062296)

private bug: https://bugzilla.redhat.com/1062296
patched by: https://src.fedoraproject.org/rpms/ksh/blob/642af4d6/f/ksh-20140415-hokaido.patch
DONE: 4ce486a7; superseded: 42becab6

using typeset -l with a restricted variable caused segmentation
fault (#1083713)

private bug: https://bugzilla.redhat.com/1083713
patched by: https://src.fedoraproject.org/rpms/ksh/blob/642af4d6/f/ksh-20120801-tpstl.patch
DONE: 3654ee73

ksh stopped on read when monitor mode was enabled (#1023109)

public bug: https://bugzilla.redhat.com/1023109
patched by: https://src.fedoraproject.org/rpms/ksh/blob/642af4d6/f/ksh-20120801-mtty.patch
NOT APPLIED. Martijn says: I can’t reproduce this bug (on any ksh version), and the fix looks dodgy.
It falls back to getpid() to set a process group ID. Should that not be getpgrp()?

monitor mode was documented incorrectly (#1019334)

public bug: https://bugzilla.redhat.com/1019334
patched by: https://src.fedoraproject.org/rpms/ksh/blob/642af4d6/f/ksh-20120801-manfix4.patch
REJECTED: The original documentation is correct and the patch is wrong.

Tue May 13 2014 Michal Hlavinka mhlavink@redhat.com - 20120801-15

fix segfault in job list code (#825520)

private bug: https://bugzilla.redhat.com/825520
patched by: https://src.fedoraproject.org/rpms/ksh/blob/642af4d6/f/ksh-20120801-crash.patch
DONE: ce68e1be

Tue Mar 04 2014 Michal Hlavinka mhlavink@redhat.com - 20120801-14

reading a file via command substitution did not work when any of stdin,
stdout or stderr were closed (#1066589)

private bug: https://bugzilla.redhat.com/1066589
patched by: https://src.fedoraproject.org/rpms/ksh/blob/642af4d6/f/ksh-20120801-filecomsubst.patch
DONE: fe6d0903, improved by 7444fc7c

Wed Jan 22 2014 Michal Hlavinka mhlavink@redhat.com - 20120801-13

fix memory leak (#1036470)

private bug: https://bugzilla.redhat.com/1036470
patched by: https://src.fedoraproject.org/rpms/ksh/blob/642af4d6/f/ksh-20120801-memlik3.patch
DONE: 461a1aeb

Mon Jan 20 2014 Michal Hlavinka mhlavink@redhat.com - 20120801-12

use different fix for last bug

Fri Jan 10 2014 Michal Hlavinka mhlavink@redhat.com - 20120801-11

standard error output could get misdirected (#1036802)

private bug: https://bugzilla.redhat.com/1036802
patched by: https://src.fedoraproject.org/rpms/ksh/blob/642af4d6/f/ksh-20120801-fd2lost.patch
DONE: 970069a6

Wed Oct 16 2013 Michal Hlavinka mhlavink@redhat.com - 20120801-10

ksh sometimes wrote wrong byte sequence to terminal when vi editing
mode was used (#1016611)

patched by: https://src.fedoraproject.org/rpms/ksh/blob/642af4d6/f/ksh-20120801-nomulti.patch
reproducer used by QE:

ksh-20120801-9.el6: $ set -o vi $ strace -ttfFv -p $$ 2>&1 | grep -m 1 '\\0\\n' & [1] 9740 $ 12:53:45.485903 write(2, "\0\n", 2) = 2 $ [1] + Done strace -ttfFv -p $$ 2>&1 | grep -m 1 '\\0\\n' & $ => FAILED ----------- ksh-20120801-10.el6: $ set -o vi $ strace -ttfFv -p $$ 2>&1 | grep -m 1 '\\0\\n' & [1] 9761 $ $ $ $ => PASSED

REJECTED. Cannot reproduce on CentOS. I’m not going to disable -o multiline by default.

Tue Sep 24 2013 Michal Hlavinka mhlavink@redhat.com - 20120801-9

ctrl-c during read did not kill job group (#960034)

private bug: https://bugzilla.redhat.com/960034
patched by (patch of patch): https://src.fedoraproject.org/rpms/ksh/blob/642af4d6/f/ksh-20120801-kshmfix.patch
(DUPE) DONE: 7e5fd3e9

This patch introduced a bug that caused interactive ksh to exit on Ctrl+C if SIGINT is ignored. This was worked around with a kludge in 55dc80ce. Later, I figured out that the kludge was only needed because the Red Hat patch failed to delete the siglongjmp() call after the killpg(), which causes incorrect behaviour if SIGINT is ignored. Properly fixed at last in 14aaf914.

Fri Sep 13 2013 Michal Hlavinka mhlavink@redhat.com - 20120801-8

fix errors in man page (#1007816)

public bug: https://bugzilla.redhat.com/891503
patched by: https://src.fedoraproject.org/rpms/ksh/blob/642af4d6/f/ksh-20100621-manfix3.patch
DONE (differently) in 778b3da7

Tue Aug 13 2013 Michal Hlavinka mhlavink@redhat.com - 20120801-7

fix command substitution in pipelines (#994241)

private bug: https://bugzilla.redhat.com/994251
patched by: https://src.fedoraproject.org/rpms/ksh/blob/642af4d6/f/ksh-20120801-macro.patch
[Martijn says: This patch doesn’t fix this bug shown in 994251 - it causes it! What it fixes is a bug with command substitutions in here-documents. This bug is actually fixed by ksh-20120801-fd2lost.patch which in the .spec is associated with rhbz#1048272 (which is still closed to me).]
DONE: 970069a6

Tue Jul 30 2013 Michal Hlavinka mhlavink@redhat.com - 20120801-6

fix license tag

spec-file only change (no-op for upstream)

Mon Jul 29 2013 Michal Hlavinka mhlavink@redhat.com - 20120801-5

fix another memory leak (#982142)

Mon Jul 22 2013 Michal Hlavinka mhlavink@redhat.com - 20120801-4

fix two memory leaks (#982142)

private bug: https://bugzilla.redhat.com/982142
patched by: https://src.fedoraproject.org/rpms/ksh/blob/642af4d6/f/ksh-20120801-mlikfiks.patch
DONE: fe20311f, 0d3bedd6

Thu Jul 11 2013 Michal Hlavinka mhlavink@redhat.com - 20120801-3

assignment to right justified variables did not work correctly (#903750)

private bug: https://bugzilla.redhat.com/903750
DONE: 73038247 (regress test only)

Mon Jul 08 2013 Michal Hlavinka mhlavink@redhat.com - 20120801-2

fix overflow in subshell loop (#858263)

private bug: https://bugzilla.redhat.com/858263
patched by: https://src.fedoraproject.org/rpms/ksh/blob/642af4d6/f/ksh-20130628-longer.patch
DONE: 05ac1dbb (modified, extended with stack fix)

set default editing mode to emacs (#761551)

public bug: https://bugzilla.redhat.com/761551
patched by: https://src.fedoraproject.org/rpms/ksh/blob/642af4d6/f/dotkshrc#_8
NOT APPLIED (just .kshrc, is irrelevant)

ksh -m did not turn monitor mode on (#960034)

private bug: https://bugzilla.redhat.com/960034
patched by: https://src.fedoraproject.org/rpms/ksh/blob/642af4d6/f/ksh-20120801-kshmfix.patch
DONE: 7e5fd3e9

This patch introduced a bug that caused interactive ksh to exit on Ctrl+C if SIGINT is ignored. This was worked around with a kludge in 55dc80ce. Later, I figured out that the kludge was only needed because the Red Hat patch failed to delete the siglongjmp() call after the killpg(), which causes incorrect behaviour if SIGINT is ignored. Properly fixed at last in 14aaf914.

prevent fork bomb triggered by SIGTSTP (#922851)

public bug: https://bugzilla.redhat.com/922851
patched by: https://src.fedoraproject.org/rpms/ksh/blob/642af4d6/f/ksh-20120801-forkbomb.patch
DONE: 66c955bc

Thu Jul 04 2013 Michal Hlavinka mhlavink@redhat.com - 20120801-1

updated to 20120801, fixes (#840568)

private bug: https://bugzilla.redhat.com/840568
related patches:

https://src.fedoraproject.org/rpms/ksh/blob/642af4d6/f/ksh-20120801-rmdirfix.patch
(on cold ice) new ‘cd’ (#1/5)
https://src.fedoraproject.org/rpms/ksh/blob/642af4d6/f/ksh-20120801-cdfix.patch
DONE (differently): bb4745e8
https://src.fedoraproject.org/rpms/ksh/blob/642af4d6/f/ksh-20120801-cdfix2.patch
(on cold ice) new ‘cd’ (#2/5)
https://src.fedoraproject.org/rpms/ksh/blob/642af4d6/f/ksh-20120801-tabfix.patch
FIXED differently. The Red Hat patch breaks menu-based filename completion completely after the first slash: all digits are taken as literal characters then so it becomes impossible to select from the menu. A better fix was backported from ksh 93v- beta in ba43436f.
https://src.fedoraproject.org/rpms/ksh/blob/642af4d6/f/ksh-20130214-fixkill.patch
DONE: ff358f34, 88e8fa67

fix several memory leaks (#921455)

private bug: https://bugzilla.redhat.com/921455
patched by: https://src.fedoraproject.org/rpms/ksh/blob/642af4d6/f/ksh-20120801-memlik.patch
DONE: 05683ec7

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Patch Upstream Report: Red Hat

Clone this wiki locally