Shortly after the release of Ubuntu 20.04 LTS ksh was reverted back to
version 93u+.

ksh (2020.0.0+really93u+20120801-6) unstable; urgency=high

  * v2020 of ksh is no longer being maintained and upstream repository has
    been reverted back to the last stable version of 93u+. This update
    reverts back the ksh2020 changes back to the original ksh93 from AT&T.
  * Patch for CVE-2019-14868 - certain environment variables were
    interpreted as arithmetic expressions on startup, leading to code
    injection

 -- Anuradha Weeraman <anura...@debian.org>  Sat, 27 Jun 2020 21:17:32
-0400

It might be possible to create an SRU of ksh to Ubuntu 20.04 LTS that
also reverts it to revision 93u. The SRU process is documented at
https://wiki.ubuntu.com/StableReleaseUpdates.

** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2019-14868

-- 
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1918017

Title:
  ksh93 problems

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/ksh/+bug/1918017/+subscriptions

-- 
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs

Reply via email to