SUSE-SU-2024:2756-1

Description of the patch:

This update for ksh fixes the following issues:

• CVE-2019-14868: Fixed code injection due to environment variables on startup interpreted as arithmetic expression (bsc#1160796)

Other fixes:

• do not use posix_spawn as it lacks proper job handling (bsc#1224057)
• fix segfault in variable substitution (bsc#1129288)