zsh-5.0.2-33.el7

エラータID: AXSA:2019-3997:01

Release date: 
Monday, August 19, 2019 - 11:29
Subject: 
zsh-5.0.2-33.el7
Affected Channels: 
Asianux Server 7 for x86_64
Severity: 
Moderate
Description: 

The zsh shell is a command interpreter usable as an interactive login shell and as a shell script command processor. Zsh resembles the ksh shell (the Korn shell), but includes many enhancements. Zsh supports command-line editing, built-in spelling correction, programmable command completion, shell functions (with autoloading), a history mechanism, and more.

Security Fix(es):

* zsh: Improper handling of shebang line longer than 64 (CVE-2018-13259)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

CVE-2018-13259
An issue was discovered in zsh before 5.6. Shebang lines exceeding 64 characters were truncated, potentially leading to an execve call to a program name that is a substring of the intended one.

Solution: 

Update packages.

CVEs: 
CVE-2018-13259
An issue was discovered in zsh before 5.6. Shebang lines exceeding 64 characters were truncated, potentially leading to an execve call to a program name that is a substring of the intended one.
Additional Info: 

N/A

Download: 

SRPMS
  1. zsh-5.0.2-33.el7.src.rpm
    MD5: 53a04165183c3c3a164e923cde060433
    SHA-256: 0c0a5c94990b03a47d3c91b6129e05c36d543103a81c62a1d80e62acfe375f30
    Size: 2.98 MB

Asianux Server 7 for x86_64
  1. zsh-5.0.2-33.el7.x86_64.rpm
    MD5: d9977db773df406fde71d29845e4d4e3
    SHA-256: 01b1e4e547cb365870f79fc5d658401d9b712651693fe023928569947e5d2899
    Size: 2.38 MB