Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Patches » RHBA-2013:0042-01


Id RHBA-2013:0042-01
Name Red Hat 2013:0042-01 RHBA ksh bug fix update for RHEL 5 x86
Vendor Name red_hat
Product None
Content Type Recommended Recommended
Operating System(s) Linux 
Released On 07 Jan 2013 12:00:00


Red Hat 2013:0042-01 RHBA ksh bug fix update for RHEL 5 x86

Vendor Name




Released On

07 Jan 2013 12:00:00



KSH-93 is the most recent version of the KornShell by David Korn of AT&T Bell Laboratories. KornShell is a shell programming language which is also compatible with sh, the original Bourne Shell. This update fixes the following bugs: * Prior to this update, using the -R or -Z options of the typeset command did not work as expected. When a variable was assigned to a field that was of smaller size than the size of the variable, it would trim the incorrect values from the variable. Consequently, the resulting value in the trimmed variable was incorrect. The underlying source code has been modified and the typeset -R/-Z command works as expected. (BZ#771188) * Previously, ksh did not expand the tilde (~) character properly. For example, characters in the tilde prefix were not treated as a login name but as a part of the path and the "No such file or directory" message was displayed. The underlying source code has been modified and tilde expansion now works as expected in such a scenario. (BZ#802565) * In certain cases, ksh unnecessarily called the vfork() function. An extra process was created and it could be difficult to determine how many instances of a script were running. A patch has been applied to address this problem, and extra processes are no longer created if not required. (BZ#804925) * Due to a missing patch that introduced the tsetio flag, the redirect output behavior changed depending on what ksh version was used. With this update, the missing patch was added and redirect output behavior is now consistent across all versions of ksh. (BZ#811318) * Previously, ksh did not close certain file descriptors prior to execution. This could lead to a file descriptor leak, and certain applications could consequently report error messages. With this update, file descriptors are marked to be closed on execution if appropriate, so file descriptor leaks no longer occur. (BZ#812930) * Due to a bug in the typeset command, when executed with the -Z option, output was being formatted to an incorrect width. As a result, exporting a right-aligned variable of smaller size than the predefined field size caused it to not be prepended with 0 characters. With this update, the typeset command works as expected in the aforementioned scenario. (BZ#827522) * Previously, ksh did not allocate the correct amount of memory for its data structures containing information about file descriptors. When running a task that used file descriptors extensively, ksh terminated unexpectedly with a segmentation fault. With this update, the proper amount of memory is allocated, and ksh no longer crashes if file descriptors are used extensively. (BZ#827613) All users of the ksh are advised to upgrade to these updated packages, which fix these bugs.

Related Resources

Related Vulnerabilities


Related Patches


Superseded Patches

Last Updated: 27 May 2016 11:16:12