Download
| Alert*
oval:org.secpod.oval:def:89045919
This update for zsh fixes the following issues: - CVE-2018-0502: Fixed execve call vulnerability to program named on the second line when the beginning of a #! script file was mishandled. - CVE-2018-13259: Fixed execve call vulnerability to program name that is a substring of the intended one oval:org.secpod.oval:def:115103 The zsh shell is a command interpreter usable as an interactive login shell and as a shell script command processor. Zsh resembles the ksh shell , but includes many enhancements. Zsh supports command line editing, built-in spelling correction, programmable command completion, shell functions , a his ... oval:org.secpod.oval:def:704311 zsh: shell with lots of features Zsh could be made to execute arbitrary code if it received a specially crafted script. oval:org.secpod.oval:def:115106 The zsh shell is a command interpreter usable as an interactive login shell and as a shell script command processor. Zsh resembles the ksh shell , but includes many enhancements. Zsh supports command line editing, built-in spelling correction, programmable command completion, shell functions , a his ... oval:org.secpod.oval:def:51120 zsh: shell with lots of features Zsh could be made to execute arbitrary code if it received a specially crafted script. oval:org.secpod.oval:def:89049628 This update for zsh to version 5.6 fixes the following security issues: - CVE-2018-0502: The beginning of a #! script file was mishandled, potentially leading to an execve call to a program named on the second line . - CVE-2018-13259: Shebang lines exceeding 64 characters were truncated, potentially ... oval:org.secpod.oval:def:1700084 An issue was discovered in zsh before 5.6. The beginning of a #! script file was mishandled, potentially leading to an execve call to a program named on the second line.It was discovered that zsh does not properly validate the shebang of input files and it truncates it to the first 64 bytes. A local ... oval:org.secpod.oval:def:89046120 This update for zsh fixes the following issues: - CVE-2019-20044: Fixed an insecure dropping of privileges when unsetting the PRIVILEGED option . - CVE-2018-13259: Fixed an unexpected truncation of long shebang lines . - CVE-2018-7549: Fixed a crash when an empty hash table . - CVE-2018-1083: Fixed ... oval:org.secpod.oval:def:2000520 An issue was discovered in zsh before 5.6. The beginning of a #! script file was mishandled, potentially leading to an execve call to a program named on the second line. |