SUSE-SU-2022:14910-1 -- SLES zshID: oval:org.secpod.oval:def:89046120 | Date: (C)2022-03-25 (M)2023-12-20 |
Class: PATCH | Family: unix |
This update for zsh fixes the following issues: - CVE-2019-20044: Fixed an insecure dropping of privileges when unsetting the PRIVILEGED option . - CVE-2018-13259: Fixed an unexpected truncation of long shebang lines . - CVE-2018-7549: Fixed a crash when an empty hash table . - CVE-2018-1083: Fixed a stack-based buffer overflow when using tab completion on directories with long names . - CVE-2018-1071: Fixed a stack-based buffer overflow when executing certain commands . - CVE-2018-0502: Fixed a mishandling of shebang lines . - CVE-2017-18206: Fixed a buffer overflow related to symlink processing . - CVE-2017-18205: Fixed an application crash when using cd with no arguments . - CVE-2016-10714: Fixed a potential application crash when handling maximum length paths . - CVE-2014-10072: Fixed a buffer overflow when scanning very long directory paths for symbolic links . - CVE-2014-10071: Fixed a buffer overflow when redirecting output to a long file descriptor . - CVE-2014-10070: Fixed a privilege escalation vulnerability via environment variables .
Platform: |
SUSE Linux Enterprise Server 11 SP4 |