RHBA-2015:1450 - Bug Fix Advisory

Topic

Updated ksh packages that fix several bugs are now available for Red Hat
Enterprise Linux 6.

Description

KornShell (KSH) is a Unix shell developed by AT&T Bell Laboratories, which is
backward-compatible with the Bourne shell (sh) and includes many features of the
C shell. The most recent version is KSH-93. KornShell complies with the POSIX.2
standard (IEEE Std 1003.2-1992).

This update fixes the following bugs:

• Prior to this update, the result of a command substitution was lost if a file

descriptor used for the substitution was previously explicitly closed. With this
update, ksh no longer reuses file descriptors that were closed during the
execution of a command substitution. Now, command substitutions work as expected
in the described situation. (BZ#1116072)

• Previously, ksh in some cases terminated unexpectedly when re-setting a trap

inside a function. With this update, ksh no longer uses invalid data for trap
pointers and does not crash in this situation. (BZ#1117404)

• After the user changed into a directory that lacked execution permissions, ksh

did not recognize that the change did not happen and that the user was instead
still operating in the directory from which the user attempted to change. Also,
the "pwd" utility incorrectly displayed the directory into which the user
attempted to change instead of the directory in which the user was actually
operating. This update modifies ksh to verify whether the directory change was
successful. As a result, ksh reports an error if the necessary execution
permissions are missing. (BZ#1160923)

• Previously, ksh sometimes incorrectly initialized a variable holding the path

of the working directory. If a program changed the working directory between
forking and ksh execution, then ksh could contain an incorrect value in the
working directory variable. With this update, initialization of the working
directory variable has been corrected, and ksh now contains the correct value in
the aforementioned situation. (BZ#1168611)

• A nested associative array contained an unexpected extra empty value after the

array was initialized. This update fixes a bug in the associative array
initialization code that was causing this problem. As a result, newly-created
nested associative arrays are empty as expected. (BZ#1173668)

• Previously, ksh terminated unexpectedly after an alarm occurred during a read

operation with a modified Internal Field Separator (IFS). The ksh alarm built-in
has been modified to preserve the IFS table during execution. As a result, ksh
no longer crashes in this situation. (BZ#1176670)

• When the user set the export attribute to a variable, ksh in certain cases

ignored some other variable attributes. For example, when the user set a
variable to be both exported and upper-case, ksh did not set the upper-case
option correctly. The typeset utility code has been fixed to respect all options
that the user sets for a variable. As a result, ksh sets all attributes
correctly even if the user sets multiple attributes simultaneously. (BZ#1188377)

• Previously, after the user unset an associative array, the system did not free

the newly-available memory. Consequently, ksh consumed more and more memory over
time. The underlying source code has been modified to free the memory after the
user unsets an associative array, thus fixing this problem. (BZ#1189294)

Users of ksh are advised to upgrade to these updated packages, which fix these
bugs.

Solution

Before applying this update, make sure all previously released errata
relevant to your system have been applied.

For details on how to apply this update, refer to:

https://access.redhat.com/articles/11258

Affected Products

• Red Hat Enterprise Linux Server 6 x86_64
• Red Hat Enterprise Linux Server 6 i386
• Red Hat Enterprise Linux Server - Extended Life Cycle Support 6 i386
• Red Hat Enterprise Linux Workstation 6 x86_64
• Red Hat Enterprise Linux Workstation 6 i386
• Red Hat Enterprise Linux Desktop 6 x86_64
• Red Hat Enterprise Linux Desktop 6 i386
• Red Hat Enterprise Linux for IBM z Systems 6 s390x
• Red Hat Enterprise Linux for Power, big endian 6 ppc64
• Red Hat Enterprise Linux for Scientific Computing 6 x86_64
• Red Hat Enterprise Linux Server from RHUI 6 x86_64
• Red Hat Enterprise Linux Server from RHUI 6 i386
• Red Hat Enterprise Linux Server - Extended Life Cycle Support 6 x86_64
• Red Hat Enterprise Linux Server - Extended Life Cycle Support (for IBM z Systems) 6 s390x
• Red Hat Enterprise Linux Server - Extended Life Cycle Support Extension 6 x86_64
• Red Hat Enterprise Linux Server - Extended Life Cycle Support Extension 6 i386
• Red Hat Enterprise Linux Server - Extended Life Cycle Support Extension (for IBM z Systems) 6 s390x

Fixes

• BZ - 1116072 - Close of file descriptor in function called from command substitution prevents return of output
• BZ - 1117404 - ksh shell segv faults when handling trap
• BZ - 1138751 - shell hangs if setting variable from command that produces more than 120k and is piped
• BZ - 1147645 - Bash fix for CVE-2014-7169 breaks ksh scripts that try to clear the environment
• BZ - 1168611 - ksh: Problem with 'cd' from a forked C program
• BZ - 1173668 - Issue with initialization of nested associative arrays
• BZ - 1176670 - Problem with alarm and IFS
• BZ - 1189294 - Leak on unset of associative array
• BZ - 1204111 - ksh hangs when executed in from removed directory

CVEs

(none)

References

(none)