Security update for ksh
This update for ksh fixes the following issues:
- fix segfault in variable substitution [boo#1129288]
- fix untrusted environment execution [boo#1160796] [CVE-2019-14868]
-
Submitted by
Michael Schröder (mlschroe)
Fixed bugs
bnc#1160796
VUL-0: CVE-2019-14868: ksh: environment variables on startup are interpreted as arithmetic expression leading to code injection
