-
Notifications
You must be signed in to change notification settings - Fork 32
Patch Upstream Report: Red Hat
Here are the patches from Red Hat and what 93u+m has done with them.
- Tue Jan 28 2020 Siteshwar Vashisht [email protected] - 20120801-38
- Do not evaluate arithmetic expressions from environment variables
at startup
Resolves: #1790542
public bug: https://bugzilla.redhat.com/CVE-2019-14868
patched by: https://src.fedoraproject.org/rpms/ksh/blob/642af4d6/f/ksh-20120801-cve-2019-14868.patch
DONE: 593a5a8b
- Thu Jan 18 2018 Siteshwar Vashisht [email protected] - 20120801-37
- Fix a crash due to out of bounds write
Resolves: #1506344
public bug: https://bugzilla.redhat.com/1506344
patched by: https://bugzilla.redhat.com/attachment.cgi?id=1370722&action=diff
DONE: 1477b5ff
- Mon Oct 30 2017 Siteshwar Vashisht [email protected] - 20120801-36
- Add configuration option to enable signal bubbling for backward
compatibility
Resolves: #1454804
public bug: https://bugzilla.redhat.com/1454804
patched by: https://bugzilla.redhat.com/attachment.cgi?id=1317752&action=diff
note: takes an effect only if $_AST_KSH_SIGNAL_BUBBLE is set
ACTUALLY FIXED in: 30aee651
- Tue Jun 27 2017 Siteshwar Vashisht [email protected] - 20120801-35
- Fix a crash during clean up after sourcing multiple files
Resolves: #1437530
public bug: https://bugzilla.redhat.com/1321443
patched by: https://src.fedoraproject.org/rpms/ksh/blob/642af4d6/f/ksh-20120801-dotdoublefree.patch
DONE: a8f6d6b8
- Thu May 18 2017 Siteshwar Vashisht [email protected] - 20120801-34
- Fix a memory leak while creating subshells
Resolves: #1324990
private bug: https://bugzilla.redhat.com/1324990
patched by: https://src.fedoraproject.org/rpms/ksh/blob/642af4d6/f/ksh-20120801-subshell-leak.patch
DONE: 361fe1fc
- Fri Jan 08 2016 Michal Hlavinka [email protected] - 20120801-33
- ksh crashed when disk was full (#1212992)
public bug: https://bugzilla.redhat.com/1212992
patched by: https://src.fedoraproject.org/rpms/ksh/blob/642af4d6/f/ksh-20140801-diskfull.patch
DONE: ceb77b13
REVERTED in b7dde4e7 as it caused bug #281. Further testing showed that this patch is redundant as of commit 970069a6 as that also fixes the login crash on disk full.
- Thu Nov 26 2015 Michal Hlavinka [email protected] - 20120801-32
- fix: in a login shell "( cmd & )" does nothing (#1217236)
public bug: https://bugzilla.redhat.com/1217236
patched by: https://src.fedoraproject.org/rpms/ksh/blob/642af4d6/f/ksh-20120801-nohupfork.patch
DONE (differently): e3d7bf1d
- multibyte character string after $1-9 was not expanded correctly
(#1256495)
public bug: https://bugzilla.redhat.com/1256495
patched by: https://src.fedoraproject.org/rpms/ksh/blob/642af4d6/f/ksh-20120801-mb-after-argvar.patch
DONE: 4144f404
- case in a for loop inside a subshell caused syntax error (#1241013)
public bug: https://bugzilla.redhat.com/1241013
patched by: https://src.fedoraproject.org/rpms/ksh/blob/642af4d6/f/ksh-20120801-parserfix.patch
DONE: bd283959
- Wed Aug 19 2015 Michal Hlavinka [email protected] - 20120801-31
- fix another occurrence of previous bug (#1247383)
- Wed Aug 12 2015 Michal Hlavinka [email protected] - 20120801-30
- do not free constant string trap (#1247383)
public bug: https://bugzilla.redhat.com/1247383
patched by (patch of patch): https://src.fedoraproject.org/rpms/ksh/blob/642af4d6/f/ksh-20120801-trapcom.patch
DUPE: 6193c6a3, a5d38b1d
- Tue Jul 07 2015 Michal Hlavinka [email protected] - 20120801-29
- prevent null-test optimization in strdup (#1221766)
public bug (not much useful): https://bugzilla.redhat.com/1221766
patched by: https://src.fedoraproject.org/rpms/ksh/blob/642af4d6/f/ksh-20120801-badgcc.patch
DONE: 7afb30e1
- Fri Apr 03 2015 Michal Hlavinka [email protected] - 20120801-28
- using trap DEBUG could cause segmentation fault (#1200534)
private bug: https://bugzilla.redhat.com/1200534
patched by: https://src.fedoraproject.org/rpms/ksh/blob/642af4d6/f/ksh-20140801-arraylen.patch
DONE: bb15f7fb
- Mon Mar 23 2015 Michal Hlavinka [email protected] - 20120801-27
- ksh could hang when executed in removed directory (#1204111)
public bug: https://bugzilla.redhat.com/1204111
patched by (patch of patch): https://src.fedoraproject.org/rpms/ksh/blob/642af4d6/f/ksh-20120801-cdfork.patch
note: triggered by a fix for https://bugzilla.redhat.com/1168611
DUPE: f7c3565f
- Thu Mar 05 2015 Michal Hlavinka [email protected] - 20120801-26
- fix segfault when handling a trap (#1117404)
public bug: https://bugzilla.redhat.com/1117404
patched by: https://src.fedoraproject.org/rpms/ksh/blob/642af4d6/f/ksh-20120801-trapcom.patch
DONE: 6193c6a3, a5d38b1d; fixed off-by-one in 3aee10d7
- closing a file descriptor in a command substitution caused loss of
the output (#1116072)
public bug: https://bugzilla.redhat.com/1116072
patched by: https://src.fedoraproject.org/rpms/ksh/blob/642af4d6/f/ksh-20140929-safefd.patch
DONE: 045fe6a1
- Fri Feb 13 2015 Michal Hlavinka [email protected] - 20120801-25
- combining alarm and IFS caused segfault (#1176670)
public bug: https://bugzilla.redhat.com/1176670
patched by: https://src.fedoraproject.org/rpms/ksh/blob/642af4d6/f/ksh-20120801-alarmifs.patch
DONE: 18b3f4aa, part reverted in f033bb03
- Thu Feb 12 2015 Michal Hlavinka [email protected] - 20120801-24
- cd to directory without execution permission can't fail silently
(#1160923)
private bug: https://bugzilla.redhat.com/1160923
patched by: https://src.fedoraproject.org/rpms/ksh/blob/642af4d6/f/ksh-20120801-noexeccdfix.patch
(on cold ice) new ‘cd’ (#5/5)
- current directory could differ from PWD (#1168611)
public bug: https://bugzilla.redhat.com/1168611
patched by: https://src.fedoraproject.org/rpms/ksh/blob/642af4d6/f/ksh-20120801-cdfork.patch
DONE: f7c3565f
- declaration of a two dimensional associative array could add an
extra 0 element (#1173668)
public bug: https://bugzilla.redhat.com/1173668
patched by: https://src.fedoraproject.org/rpms/ksh/blob/642af4d6/f/ksh-20120801-emptyarrayinit.patch
DONE: 02a14ff9
- exporting fixed with variable corrupted its data (#1188377)
public bug: https://bugzilla.redhat.com/1188377
patched by: https://src.fedoraproject.org/rpms/ksh/blob/642af4d6/f/ksh-20120801-xufix.patch
DONE: fdb9781e, improved in: 95fe07d8, 0e4c4d61
- fixes memory leak on unset of associative array (#1189294)
public bug: https://bugzilla.redhat.com/1189294
patched by: https://src.fedoraproject.org/rpms/ksh/blob/642af4d6/f/ksh-20120801-assoc-unset-leak.patch
DONE: e70925ce
- Thu Feb 12 2015 Michal Hlavinka [email protected] - 20120801-23
- do not inherit invalid variables during shell initializaton (#1147645)
public bug: https://bugzilla.redhat.com/1147645
patched by: https://src.fedoraproject.org/rpms/ksh/blob/642af4d6/f/ksh-20120801-oldenvinit.patch
DONE: 960a1a99
- Thu Oct 02 2014 Michal Hlavinka [email protected] - 20120801-22
- ksh hangs when command substitution containing pipe fills out the
pipe buffer (#1138751)
public bug: https://bugzilla.redhat.com/1138751
patched by (patch of patch): https://src.fedoraproject.org/rpms/ksh/blob/642af4d6/f/
DUPE: 4ce486a7; regress test added: 95225e1e; superseded: 42becab6
- Tue Sep 02 2014 Michal Hlavinka [email protected] - 20120801-21
- the last patch was not applied correctly (#1116508)
- Tue Sep 02 2014 Michal Hlavinka [email protected] - 20120801-20
- return code from a function could be wrong (#1116508)
public bug: https://bugzilla.redhat.com/1116508
patched by: https://src.fedoraproject.org/rpms/ksh/blob/642af4d6/f/ksh-20120801-retfix.patch
DONE: 7e6bbf85
- Wed Aug 27 2014 Michal Hlavinka [email protected] - 20120801-19
- cd builtin could break IO redirection (#1133582)
public bug: https://bugzilla.redhat.com/1133582
patched by: https://src.fedoraproject.org/rpms/ksh/blob/642af4d6/f/ksh-20130613-cdfix4.patch
(on cold ice) new ‘cd’ (#4/5)
- Fri Jul 25 2014 Michal Hlavinka [email protected] - 20120801-18
- job locking mechanism did not survive compiler optimization (#1112306)
public bug: https://bugzilla.redhat.com/1112306
patched by: https://src.fedoraproject.org/rpms/ksh/blob/642af4d6/f/ksh-20120801-locking.patch
DONE better in: c258a04f
- wrong return code from a pipe in command substitution (#1117316)
public bug: https://bugzilla.redhat.com/1117316
patched by (patch of patch): https://src.fedoraproject.org/rpms/ksh/blob/642af4d6/f/ksh-20120801-crash.patch
DUPE: ce68e1be
- Fri Jun 20 2014 Michal Hlavinka [email protected] - 20120801-17
- do not crash when unsetting running function from another one
(#1105138)
private bug: https://bugzilla.redhat.com/1105138
patched by: https://src.fedoraproject.org/rpms/ksh/blob/642af4d6/f/ksh-20120801-fununset.patch
DONE (better): b7932e87, c382cea1
- should report an error when trying to cd into directory without
execution bit (#1102627)
public bug: https://bugzilla.redhat.com/1102627
patched by: https://src.fedoraproject.org/rpms/ksh/blob/642af4d6/f/ksh-20120801-cdfix3.patch
(on cold ice) new ‘cd’ (#3/5)
- Wed May 21 2014 Michal Hlavinka [email protected] - 20120801-16
- do not resend signal on termination (#1075635)
public bug: https://bugzilla.redhat.com/1075635
patched by: https://src.fedoraproject.org/rpms/ksh/blob/642af4d6/f/ksh-20120801-sufix.patch
DONE: 352e68da
- fix argv rewrite (#1047506)
private bug: https://bugzilla.redhat.com/1047506
patched by: https://src.fedoraproject.org/rpms/ksh/blob/642af4d6/f/ksh-20120801-argvfix.patch
DONE (better): cefe087d, 159fb9ee
- fix brace expansion on/off (#1078698)
private bug: https://bugzilla.redhat.com/1078698
patched by: https://src.fedoraproject.org/rpms/ksh/blob/642af4d6/f/ksh-20140301-fikspand.patch
DONE: a14d17c0
- fix incorrect rounding of numbers 0.5 < |x| <1.0 in printf (#1070350)
private bug: https://bugzilla.redhat.com/1070350
patched by: https://src.fedoraproject.org/rpms/ksh/blob/642af4d6/f/ksh-20120801-roundit.patch
DONE much better by hyenias: d7c90ead
- fix parser errors related to the end of the here-document marker
(#1036931)
private bug: https://bugzilla.redhat.com/1036931
patched by: https://src.fedoraproject.org/rpms/ksh/blob/642af4d6/f/ksh-20120801-heresub.patch
DONE: 6e515f1d
- ksh hangs when command substitution fills out the pipe buffer
(#1062296)
private bug: https://bugzilla.redhat.com/1062296
patched by: https://src.fedoraproject.org/rpms/ksh/blob/642af4d6/f/ksh-20140415-hokaido.patch
DONE: 4ce486a7; superseded: 42becab6
- using typeset -l with a restricted variable caused segmentation
fault (#1083713)
private bug: https://bugzilla.redhat.com/1083713
patched by: https://src.fedoraproject.org/rpms/ksh/blob/642af4d6/f/ksh-20120801-tpstl.patch
DONE: 3654ee73
- ksh stopped on read when monitor mode was enabled (#1023109)
public bug: https://bugzilla.redhat.com/1023109
patched by: https://src.fedoraproject.org/rpms/ksh/blob/642af4d6/f/ksh-20120801-mtty.patch
NOT APPLIED. Martijn says: I can’t reproduce this bug (on any ksh version), and the fix looks dodgy.
It falls back to getpid() to set a process group ID. Should that not be getpgrp()?
- monitor mode was documented incorrectly (#1019334)
public bug: https://bugzilla.redhat.com/1019334
patched by: https://src.fedoraproject.org/rpms/ksh/blob/642af4d6/f/ksh-20120801-manfix4.patch
REJECTED: The original documentation is correct and the patch is wrong.
- Tue May 13 2014 Michal Hlavinka [email protected] - 20120801-15
- fix segfault in job list code (#825520)
private bug: https://bugzilla.redhat.com/825520
patched by: https://src.fedoraproject.org/rpms/ksh/blob/642af4d6/f/ksh-20120801-crash.patch
DONE: ce68e1be
- Tue Mar 04 2014 Michal Hlavinka [email protected] - 20120801-14
- reading a file via command substitution did not work when any of stdin,
stdout or stderr were closed (#1066589)
private bug: https://bugzilla.redhat.com/1066589
patched by: https://src.fedoraproject.org/rpms/ksh/blob/642af4d6/f/ksh-20120801-filecomsubst.patch
DONE: fe6d0903, improved by 7444fc7c
- Wed Jan 22 2014 Michal Hlavinka [email protected] - 20120801-13
- fix memory leak (#1036470)
private bug: https://bugzilla.redhat.com/1036470
patched by: https://src.fedoraproject.org/rpms/ksh/blob/642af4d6/f/ksh-20120801-memlik3.patch
DONE: 461a1aeb
- Mon Jan 20 2014 Michal Hlavinka [email protected] - 20120801-12
- use different fix for last bug
- Fri Jan 10 2014 Michal Hlavinka [email protected] - 20120801-11
- standard error output could get misdirected (#1036802)
private bug: https://bugzilla.redhat.com/1036802
patched by: https://src.fedoraproject.org/rpms/ksh/blob/642af4d6/f/ksh-20120801-fd2lost.patch
DONE: 970069a6
- Wed Oct 16 2013 Michal Hlavinka [email protected] - 20120801-10
- ksh sometimes wrote wrong byte sequence to terminal when vi editing
mode was used (#1016611)
patched by: https://src.fedoraproject.org/rpms/ksh/blob/642af4d6/f/ksh-20120801-nomulti.patch
reproducer used by QE:
ksh-20120801-9.el6:
$ set -o vi
$ strace -ttfFv -p $$ 2>&1 | grep -m 1 '\\0\\n' &
[1] 9740
$
12:53:45.485903 write(2, "\0\n", 2) = 2
$
[1] + Done strace -ttfFv -p $$ 2>&1 | grep -m 1 '\\0\\n' &
$
=> FAILED
-----------
ksh-20120801-10.el6:
$ set -o vi
$ strace -ttfFv -p $$ 2>&1 | grep -m 1 '\\0\\n' &
[1] 9761
$
$
$
$
=> PASSED
REJECTED. Cannot reproduce on CentOS. I’m not going to disable -o multiline by default.
- Tue Sep 24 2013 Michal Hlavinka [email protected] - 20120801-9
- ctrl-c during read did not kill job group (#960034)
private bug: https://bugzilla.redhat.com/960034
patched by (patch of patch): https://src.fedoraproject.org/rpms/ksh/blob/642af4d6/f/ksh-20120801-kshmfix.patch
(DUPE) DONE: 7e5fd3e9
This patch introduced a bug that caused interactive ksh to exit on Ctrl+C if SIGINT is ignored. This was worked around with a kludge in 55dc80ce. Later, I figured out that the kludge was only needed because the Red Hat patch failed to delete the siglongjmp() call after the killpg(), which causes incorrect behaviour if SIGINT is ignored. Properly fixed at last in 14aaf914.
- Fri Sep 13 2013 Michal Hlavinka [email protected] - 20120801-8
- fix errors in man page (#1007816)
public bug: https://bugzilla.redhat.com/891503
patched by: https://src.fedoraproject.org/rpms/ksh/blob/642af4d6/f/ksh-20100621-manfix3.patch
DONE (differently) in 778b3da7
- Tue Aug 13 2013 Michal Hlavinka [email protected] - 20120801-7
- fix command substitution in pipelines (#994241)
private bug: https://bugzilla.redhat.com/994251
patched by: https://src.fedoraproject.org/rpms/ksh/blob/642af4d6/f/ksh-20120801-macro.patch
[Martijn says: This patch doesn’t fix this bug shown in 994251 - it causes it! What it fixes is a bug with command substitutions in here-documents. This bug is actually fixed by ksh-20120801-fd2lost.patch which in the .spec is associated with rhbz#1048272 (which is still closed to me).]
DONE: 970069a6
- Tue Jul 30 2013 Michal Hlavinka [email protected] - 20120801-6
- fix license tag
spec-file only change (no-op for upstream)
- Mon Jul 29 2013 Michal Hlavinka [email protected] - 20120801-5
- fix another memory leak (#982142)
- Mon Jul 22 2013 Michal Hlavinka [email protected] - 20120801-4
- fix two memory leaks (#982142)
private bug: https://bugzilla.redhat.com/982142
patched by: https://src.fedoraproject.org/rpms/ksh/blob/642af4d6/f/ksh-20120801-mlikfiks.patch
DONE: fe20311f, 0d3bedd6
- Thu Jul 11 2013 Michal Hlavinka [email protected] - 20120801-3
- assignment to right justified variables did not work correctly (#903750)
private bug: https://bugzilla.redhat.com/903750
DONE: 73038247 (regress test only)
- Mon Jul 08 2013 Michal Hlavinka [email protected] - 20120801-2
- fix overflow in subshell loop (#858263)
private bug: https://bugzilla.redhat.com/858263
patched by: https://src.fedoraproject.org/rpms/ksh/blob/642af4d6/f/ksh-20130628-longer.patch
DONE: 05ac1dbb (modified, extended with stack fix)
- set default editing mode to emacs (#761551)
public bug: https://bugzilla.redhat.com/761551
patched by: https://src.fedoraproject.org/rpms/ksh/blob/642af4d6/f/dotkshrc#_8
NOT APPLIED (just .kshrc, is irrelevant)
- ksh -m did not turn monitor mode on (#960034)
private bug: https://bugzilla.redhat.com/960034
patched by: https://src.fedoraproject.org/rpms/ksh/blob/642af4d6/f/ksh-20120801-kshmfix.patch
DONE: 7e5fd3e9
This patch introduced a bug that caused interactive ksh to exit on Ctrl+C if SIGINT is ignored. This was worked around with a kludge in 55dc80ce. Later, I figured out that the kludge was only needed because the Red Hat patch failed to delete the siglongjmp() call after the killpg(), which causes incorrect behaviour if SIGINT is ignored. Properly fixed at last in 14aaf914.
- prevent fork bomb triggered by SIGTSTP (#922851)
public bug: https://bugzilla.redhat.com/922851
patched by: https://src.fedoraproject.org/rpms/ksh/blob/642af4d6/f/ksh-20120801-forkbomb.patch
DONE: 66c955bc
- Thu Jul 04 2013 Michal Hlavinka [email protected] - 20120801-1
- updated to 20120801, fixes (#840568)
private bug: https://bugzilla.redhat.com/840568
related patches:
- https://src.fedoraproject.org/rpms/ksh/blob/642af4d6/f/ksh-20120801-rmdirfix.patch
(on cold ice) new ‘cd’ (#1/5) -
https://src.fedoraproject.org/rpms/ksh/blob/642af4d6/f/ksh-20120801-cdfix.patch
DONE (differently): bb4745e8 - https://src.fedoraproject.org/rpms/ksh/blob/642af4d6/f/ksh-20120801-cdfix2.patch
(on cold ice) new ‘cd’ (#2/5) - https://src.fedoraproject.org/rpms/ksh/blob/642af4d6/f/ksh-20120801-tabfix.patch
FIXED differently. The Red Hat patch breaks menu-based filename completion completely after the first slash: all digits are taken as literal characters then so it becomes impossible to select from the menu. A better fix was backported from ksh 93v- beta in ba43436f. -
https://src.fedoraproject.org/rpms/ksh/blob/642af4d6/f/ksh-20130214-fixkill.patch
DONE: ff358f34, 88e8fa67
- fix several memory leaks (#921455)
private bug: https://bugzilla.redhat.com/921455
patched by: https://src.fedoraproject.org/rpms/ksh/blob/642af4d6/f/ksh-20120801-memlik.patch
DONE: 05683ec7