- Issued:
- 2013-09-30
- Updated:
- 2013-09-30
RHBA-2013:1351 - ksh bug fix update
Synopsis
ksh bug fix update
Type/Severity
Bug Fix Advisory
Topic
Updated ksh packages that fix several bugs are now available for Red Hat Enterprise Linux 5.
Description
KornShell (KSH) is a Unix shell developed by AT&T Bell Laboratories, which is backward-compatible with the Bourne shell (Bash) and includes many features of the C shell. The most recent version is KSH-93. KornShell complies with the POSIX.2 standard (IEEE Std 1003.2-1992).
This update fixes the following bugs:
-
Due to a bug in the ksh package, command substitutions containing the pipe ("|") character returned incorrect return codes. This bug has been fixed, and the pipe character can now be used inside command substitutions without complications. (BZ#892206)
-
Previously, the ksh SIGTSTP signal handler could trigger another SIGTSTP signal. Consequently, ksh would enter an infinite loop. This updated version fixes the SIGTSTP signal processing and ksh now handles this signal without problems. (BZ#910923)
-
In certain cases, ksh did not execute command substitution inside of "here" documents. Consequently, some content of a here document could be missing. With this update, the command substitution for here documents has been fixed. As a result, here documents include data from command substitutions as expected. (BZ#912443)
-
Previously, when using arrays inside of ksh functions, memory leaks occurred. This bug has been fixed, and memory leaks no longer occur in the described scenario. (BZ#921138)
-
Previously, ksh did not resize the file descriptor list every time it was necessary. Consequently, a memory corruption could occur when a large amount of file descriptors were used. With this update, ksh has been modified to resize the file descriptor list every time it is needed. As a result, memory corruption no longer occurs in the described scenario. (BZ#958195)
-
Previously, ksh did not prevent modifications of variables of the read-only type. As a consequence, ksh terminated unexpectedly with a segmentation fault when such a variable had been modified. With this update, modification of read-only variables are not allowed, and ksh prints an error message in this scenario. (BZ#972732)
Users of ksh are advised to upgrade to these updated packages, which fix these bugs.
Solution
Before applying this update, make sure all previously-released errata relevant to your system have been applied.
This update is available via the Red Hat Network. Details on how to use the Red Hat Network to apply this update are available at https://access.redhat.com/site/articles/11258
Affected Products
| Product | Version | Arch |
|---|---|---|
| Red Hat Enterprise Linux for Power, big endian | 5 | ppc |
| Red Hat Enterprise Linux for IBM z Systems | 5 | s390x |
| Red Hat Enterprise Linux Workstation | 5 | x86_64 |
| Red Hat Enterprise Linux Workstation | 5 | i386 |
| Red Hat Enterprise Linux Server | 5 | x86_64 |
| Red Hat Enterprise Linux Server | 5 | ia64 |
| Red Hat Enterprise Linux Server | 5 | i386 |
| Red Hat Enterprise Linux Server from RHUI | 5 | x86_64 |
| Red Hat Enterprise Linux Server from RHUI | 5 | i386 |
Updated Packages
- ksh-20100621-18.el5.src.rpm
- ksh-20100621-18.el5.i386.rpm
- ksh-20100621-18.el5.ppc.rpm
- ksh-debuginfo-20100621-18.el5.ia64.rpm
- ksh-20100621-18.el5.x86_64.rpm
- ksh-20100621-18.el5.ia64.rpm
- ksh-debuginfo-20100621-18.el5.s390x.rpm
- ksh-debuginfo-20100621-18.el5.ppc.rpm
- ksh-debuginfo-20100621-18.el5.i386.rpm
- ksh-20100621-18.el5.s390x.rpm
- ksh-debuginfo-20100621-18.el5.x86_64.rpm
Fixes
CVEs
(none)
References
(none)
Additional information
- The Red Hat security contact is This content is not included.secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/.
- Offline Security Data data is available for integration with other systems. See Offline Security Data API to get started.