CVS commit: [pkgsrc-2014Q3] pkgsrc/shells/mksh

To: pkgsrc-changes%netbsd.org@localhost
Subject: CVS commit: [pkgsrc-2014Q3] pkgsrc/shells/mksh
From: "Matthias Scheler" <tron%netbsd.org@localhost>
Date: Thu, 9 Oct 2014 13:32:18 +0000

Module Name:    pkgsrc
Committed By:   tron
Date:           Thu Oct  9 13:32:18 UTC 2014

Modified Files:
        pkgsrc/shells/mksh [pkgsrc-2014Q3]: Makefile distinfo
        pkgsrc/shells/mksh/patches [pkgsrc-2014Q3]: patch-mksh.1

Log Message:
Pullup ticket #4518 - requested by bsiegert
shells/mksh: security update

Revisions pulled up:
- shells/mksh/Makefile                                          1.28
- shells/mksh/distinfo                                          1.26
- shells/mksh/patches/patch-mksh.1                              1.7

---
   Module Name:    pkgsrc
   Committed By:   bsiegert
   Date:           Tue Oct  7 18:51:02 UTC 2014

   Modified Files:
           pkgsrc/shells/mksh: Makefile distinfo
           pkgsrc/shells/mksh/patches: patch-mksh.1

   Log Message:
   Security: Update mksh to 50d.

   R50d is a required bugfix release:

   - [Goodbox] Fix NULL pointer dereference on “unset x; nameref x”
   - [tg] Fix severe regression in field splitting (LP#1378208)
   - [tg] Add a warning about not using tainted user input (including from
     the environ(7)ment) in arithmetics, until Stéphane writes it up nicely

   R50c is a security fix release:

   - [tg] Know more rare signals when generating sys_signame[] replacement
   - [tg] OpenBSD sync (mostly RCSID only)
   - [tg] Document HISTSIZE limit; found by luigi_345 on IRC
   - [zacts] Fix link to Debian .mkshrc
   - [tg] Cease exporting $RANDOM (Debian #760857)
   - [tg] Fix C99 compatibility
   - [tg] Work around klibc bug causing a coredump (Debian #763842)
   - [tg] Use issetugid(2) as additional check if we are FPRIVILEGED
   - [tg] SECURITY: do not permit += from environment
   - [tg] Fix more field splitting bugs reported by Stephane Chazelas and
     mikeserv; document current status wrt. ambiguous ones as testcases too


To generate a diff of this commit:
cvs rdiff -u -r1.27 -r1.27.2.1 pkgsrc/shells/mksh/Makefile
cvs rdiff -u -r1.25 -r1.25.2.1 pkgsrc/shells/mksh/distinfo
cvs rdiff -u -r1.6 -r1.6.2.1 pkgsrc/shells/mksh/patches/patch-mksh.1

Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.

Prev by Date: CVS commit: pkgsrc/devel/guile-www
Next by Date: CVS commit: pkgsrc
Previous by Thread: CVS commit: pkgsrc/devel/guile-www
Next by Thread: CVS commit: pkgsrc
Indexes:

Home | Main Index | Thread Index | Old Index