zsh-5.0.2-31.el7
エラータID: AXSA:2018-3420:01
Release date:
Thursday, November 8, 2018 - 17:14
Subject:
zsh-5.0.2-31.el7
Affected Channels:
Asianux Server 7 for x86_64
Severity:
Moderate
Description:
The zsh shell is a command interpreter usable as an interactive login shell and as a shell script command processor. Zsh resembles the ksh shell (the Korn shell), but includes many enhancements. Zsh supports command-line editing, built-in spelling correction, programmable command completion, shell functions (with autoloading), a history mechanism, and more.
Security Fix(es):
* zsh: Stack-based buffer overflow in gen_matches_files() at compctl.c (CVE-2018-1083)
* zsh: buffer overflow for very long fds in >
Solution:
Update packages.
CVEs:
CVE-2014-10071
In exec.c in zsh before 5.0.7, there is a buffer overflow for very long fds in the ">& fd" syntax.
In exec.c in zsh before 5.0.7, there is a buffer overflow for very long fds in the ">& fd" syntax.
CVE-2014-10072
In utils.c in zsh before 5.0.6, there is a buffer overflow when scanning very long directory paths for symbolic links.
In utils.c in zsh before 5.0.6, there is a buffer overflow when scanning very long directory paths for symbolic links.
CVE-2017-18205
In builtin.c in zsh before 5.4, when sh compatibility mode is used, there is a NULL pointer dereference during processing of the cd command with no argument if HOME is not set.
In builtin.c in zsh before 5.4, when sh compatibility mode is used, there is a NULL pointer dereference during processing of the cd command with no argument if HOME is not set.
CVE-2018-1071
zsh through version 5.4.2 is vulnerable to a stack-based buffer overflow in the exec.c:hashcmd() function. A local attacker could exploit this to cause a denial of service.
zsh through version 5.4.2 is vulnerable to a stack-based buffer overflow in the exec.c:hashcmd() function. A local attacker could exploit this to cause a denial of service.
CVE-2018-1083
Zsh before version 5.4.2-test-1 is vulnerable to a buffer overflow in the shell autocomplete functionality. A local unprivileged user can create a specially crafted directory path which leads to code execution in the context of the user who tries to use autocomplete to traverse the before mentioned path. If the user affected is privileged, this leads to privilege escalation.
Zsh before version 5.4.2-test-1 is vulnerable to a buffer overflow in the shell autocomplete functionality. A local unprivileged user can create a specially crafted directory path which leads to code execution in the context of the user who tries to use autocomplete to traverse the before mentioned path. If the user affected is privileged, this leads to privilege escalation.
CVE-2018-1100
zsh through version 5.4.2 is vulnerable to a stack-based buffer overflow in the utils.c:checkmailpath function. A local attacker could exploit this to execute arbitrary code in the context of another user.
zsh through version 5.4.2 is vulnerable to a stack-based buffer overflow in the utils.c:checkmailpath function. A local attacker could exploit this to execute arbitrary code in the context of another user.
CVE-2018-7549
In params.c in zsh through 5.4.2, there is a crash during a copy of an empty hash table, as demonstrated by typeset -p.
In params.c in zsh through 5.4.2, there is a crash during a copy of an empty hash table, as demonstrated by typeset -p.
Additional Info:
N/A
Download:
SRPMS
- zsh-5.0.2-31.el7.src.rpm
MD5: bf7eca5bfe6ba2fca56cfc0386808c73
SHA-256: 815bf3b9fc5c0b43c297fd5336cb4d68edd51b158b0307c531611fc9cb14f2c8
Size: 2.97 MB
Asianux Server 7 for x86_64
- zsh-5.0.2-31.el7.x86_64.rpm
MD5: 9c5d4cd89a2ccc4ef0b83ad89fa3839b
SHA-256: 33d6be670e7b7c11d7fe5353ebdc39d411280df6e04f5a6e4994fab6069a0595
Size: 2.38 MB
日本語