svn commit: r525497 - head/shells/ksh93
Cy Schubert
cy at FreeBSD.org
Fri Feb 7 19:38:24 UTC 2020
Author: cy
Date: Fri Feb 7 19:38:23 2020
New Revision: 525497
URL: https://svnweb.freebsd.org/changeset/ports/525497
Log:
Fix CVE-2019-14868: certain environment variables interpreted as
arithmetic expressions on startup, leading to code injection.
Submitted by: Siteshwar Vashisht <svashisht at redhat.com>
Reported by: Marian Rehak
MFH: 2020Q1
Security: CVE-2019-14868
https://bugzilla.redhat.com/show_bug.cgi?id=1757324
https://access.redhat.com/security/cve/CVE-2019-14868
Modified:
head/shells/ksh93/Makefile (contents, props changed)
Modified: head/shells/ksh93/Makefile
==============================================================================
--- head/shells/ksh93/Makefile Fri Feb 7 19:15:48 2020 (r525496)
+++ head/shells/ksh93/Makefile Fri Feb 7 19:38:23 2020 (r525497)
@@ -2,6 +2,7 @@
PORTNAME= ksh93
DISTVERSION= 2020.0.1
+PORTREVISION= 1
PORTEPOCH= 1
CATEGORIES= shells
More information about the svn-ports-all
mailing list