Please merge mksh 50d-1 (main) from Debian sid (main)
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
mksh (Ubuntu) |
Fix Released
|
Undecided
|
Unassigned |
Bug Description
Binary package hint: mksh, pdksh
Hi!
Please merge the latest mksh version from Debian sid (it’s going into testing → jessie RSN, too, and I plan to backport it as well; I’m the Debian maintainer as well as upstream).
I’ll attach a debdiff against Debian and one against the last Ubuntu version.
Thanks!
The new changelog entries are:
mksh (50c-1) unstable; urgency=high
* New upstream security release:
- [tg] Know more rare signals when generating sys_signame[] replacement
- [tg] OpenBSD sync (mostly RCSID only)
- [tg] Document HISTSIZE limit; found by luigi_345 on IRC
- [zacts] Fix link to Debian .mkshrc
- [tg] Cease exporting $RANDOM (Debian #760857)
- [tg] Fix C99 compatibility
- [tg] Work around klibc bug causing a coredump (Debian #763842)
- [tg] Use [197]issetugid(2) as additional check if we are FPRIVILEGED
- [tg] SECURITY: do not permit += from environment
- [tg] Fix more field splitting bugs reported by Stephane Chazelas and
mikeserv; document current status wrt. ambiguous ones as testcases too
* Policy 3.9.6, no changes
* Use klibc on x32 again, to be binNMUable, and since it works good enough
* Update lintian overrides
-- Thorsten Glaser <email address hidden> Fri, 03 Oct 2014 18:56:34 +0000
mksh (50b-1) unstable; urgency=high
* Bring back accidentally lost changelog entry for version 49-2
* Note what was actually imported from CVS in the 50-4 changelog
* Disable klibc builds on x32 for now, they’re essentially amd64
* New upstream version; remaining change:
- [tg, Jb_boin] Relax overzealous nameref RHS checks
* Update /etc/skel/.mkshrc with example how to force UTF-8
* Fix gitweb URL in README.Debian
* Urgency high due to script regression since 50-1
* Add NEWS entry for mksh script language changes in 50-1
-- Thorsten Glaser <email address hidden> Wed, 03 Sep 2014 22:30:55 +0200
Related branches
information type: | Private Security → Public Security |
I reviewed both debdiffs manually again, they look good to me.