ksh 93u+20120801-3.4+deb10u1 source package in Debian
Changelog
ksh (93u+20120801-3.4+deb10u1) buster; urgency=high
* Fix for CVE-2019-14868: in ksh version 20120801, a flaw was found
in the way it evaluates certain environment variables. An attacker
could use this flaw to override or bypass environment restrictions
to execute shell commands. Services and applications that allow
remote unauthenticated attackers to provide one of those
environment variables could allow them to exploit this issue
remotely. (Closes: #948989)
-- Anuradha Weeraman <email address hidden> Sun, 12 Jul 2020 11:26:07 -0400
Upload details
- Uploaded by:
- Nicholas Bamber
- Uploaded to:
- Buster
- Original maintainer:
- Nicholas Bamber
- Architectures:
- any
- Section:
- shells
- Urgency:
- Very Urgent
See full publishing history Publishing
| Series | Published | Component | Section | |
|---|---|---|---|---|
| Buster | release | main | shells |
Builds
Downloads
| File | Size | SHA-256 Checksum |
|---|---|---|
| ksh_93u+20120801-3.4+deb10u1.dsc | 1.8 KiB | 1b6ab2859bdb0adb96f2b2f7d3116008f5382f0a27871549b658103db281e941 |
| ksh_93u+20120801.orig.tar.gz | 2.3 MiB | 052d598df7ed3cbd0fdf458b796262b0b59f4cd3305d970be1cc2287408dbfc9 |
| ksh_93u+20120801-3.4+deb10u1.debian.tar.xz | 17.2 KiB | f3379767c58f9c6c1915919f05520bf56cd2429884a7b8c76576206301f2c2b0 |
No changes file available.
