Date: Fri, 7 Feb 2020 19:38:23 +0000 (UTC) From: Cy Schubert <cy@FreeBSD.org> To: ports-committers@freebsd.org, svn-ports-all@freebsd.org, svn-ports-head@freebsd.org Subject: svn commit: r525497 - head/shells/ksh93 Message-ID: <202002071938.017JcNDF023616@repo.freebsd.org>
next in thread | raw e-mail | index | archive | help
Author: cy Date: Fri Feb 7 19:38:23 2020 New Revision: 525497 URL: https://svnweb.freebsd.org/changeset/ports/525497 Log: Fix CVE-2019-14868: certain environment variables interpreted as arithmetic expressions on startup, leading to code injection. Submitted by: Siteshwar Vashisht <svashisht@redhat.com> Reported by: Marian Rehak MFH: 2020Q1 Security: CVE-2019-14868 https://bugzilla.redhat.com/show_bug.cgi?id=1757324 https://access.redhat.com/security/cve/CVE-2019-14868 Modified: head/shells/ksh93/Makefile (contents, props changed) Modified: head/shells/ksh93/Makefile ============================================================================== --- head/shells/ksh93/Makefile Fri Feb 7 19:15:48 2020 (r525496) +++ head/shells/ksh93/Makefile Fri Feb 7 19:38:23 2020 (r525497) @@ -2,6 +2,7 @@ PORTNAME= ksh93 DISTVERSION= 2020.0.1 +PORTREVISION= 1 PORTEPOCH= 1 CATEGORIES= shells
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?202002071938.017JcNDF023616>