pkgsrc.se | The NetBSD package collection

./shells/mksh, MirBSD Korn Shell

[ CVSweb ] [ Homepage ] [ RSS ] [ Required by ] [ Add to tracker ]

Branch: pkgsrc-2014Q3, Version: 50d, Package name: mksh-50d, Maintainer: ahoka

mksh is the MirBSD enhanced version of the Public Domain Korn shell (pdksh),
a Bourne-compatible shell which is largely si. milar to the original AT&T
Korn shell; mksh is the only pdksh derivate currently being actively developed.
It includes bug fixes and feature improvements, in order to produce a modern,
robust shell good for interactive and especially script use.

The code has throughoutly been cleaned up and simplified, bugs fixed, standards
compliance added, and several enhancements (for extended compatibility to other
modern shells, as well as a couple of its own) have been placed. mksh has UTF-8
support (e.g. in the emacs editing mode).

Master sites: (Expand)

SHA1: 0066c260e0ae6736c56189f481607d8306449c53
RMD160: 473417750fe50ed0f947076752677432aa9fbd82
Filesize: 365.248 KB

Version history: (Expand)

(2014-10-09) Updated to version: mksh-50d
(2014-10-01) Package added to pkgsrc.se, version mksh-50b (created)

CVS history: (Expand)

2014-10-09 15:32:18 by Matthias Scheler | Files touched by this commit (3) | Package updated

Log message:
Pullup ticket #4518 - requested by bsiegert
shells/mksh: security update

Revisions pulled up:
- shells/mksh/Makefile                                          1.28
- shells/mksh/distinfo                                          1.26
- shells/mksh/patches/patch-mksh.1                              1.7

---
   Module Name:    pkgsrc
   Committed By:   bsiegert
   Date:           Tue Oct  7 18:51:02 UTC 2014

   Modified Files:
           pkgsrc/shells/mksh: Makefile distinfo
           pkgsrc/shells/mksh/patches: patch-mksh.1

   Log message:
   Security: Update mksh to 50d.

   R50d is a required bugfix release:

   - [Goodbox] Fix NULL pointer dereference on âunset x; nameref xâ
   - [tg] Fix severe regression in field splitting (LP#1378208)
   - [tg] Add a warning about not using tainted user input (including from
     the environ(7)ment) in arithmetics, until StÃ©phane writes it up nicely

   R50c is a security fix release:

   - [tg] Know more rare signals when generating sys_signame[] replacement
   - [tg] OpenBSD sync (mostly RCSID only)
   - [tg] Document HISTSIZE limit; found by luigi_345 on IRC
   - [zacts] Fix link to Debian .mkshrc
   - [tg] Cease exporting $RANDOM (Debian #760857)
   - [tg] Fix C99 compatibility
   - [tg] Work around klibc bug causing a coredump (Debian #763842)
   - [tg] Use issetugid(2) as additional check if we are FPRIVILEGED
   - [tg] SECURITY: do not permit += from environment
   - [tg] Fix more field splitting bugs reported by Stephane Chazelas and
     mikeserv; document current status wrt. ambiguous ones as testcases too