Opened 4 years ago
Closed 4 years ago
New minor version.
Changes from 5.5.1-test-2 to 5.6
CVE-2018-0502: Data from the second line of a #! script file might be passed to
execve(). For example, in the following situation -
printf '#!foo\nbar' > baz
the shell might take "bar" rather than "foo" for the argv to be passed to
CVE-2018-13259: A shebang line longer than 64 characters would be truncated.
For example, in the following situation:
( printf '#!'; repeat 64 printf 'x'; printf 'y' ) > foo
the shell might execute x...x (64 repetitions) rather than x...xy (64 x's,
Changes from 5.5.1 to 5.5.1-test-2
Non-stop IEEE 754 arithmetic support - Inf and NaN are now returned
from floating point operations where errors were printed before.
Inf and NaN are also recognized in arithmetic expressions.
In shell patterns, :blank: now honors the locale instead of
matching exclusively on space and tab, like for the other POSIX
character classes or for extended regular expressions.
Nanosecond precision on file times is supported in the module
Fixed at revision 20465.
Powered by Trac 1.5.3.dev0
By Edgewall Software
© 1998-2022 Gerard Beekmans.