Описание
Security update for zsh
This update for zsh to version 5.6 fixes the following security issues:
- CVE-2018-0502: The beginning of a #! script file was mishandled, potentially leading to an execve call to a program named on the second line (bsc#1107296).
- CVE-2018-13259: Shebang lines exceeding 64 characters were truncated, potentially leading to an execve call to a program name that is a substring of the intended one (bsc#1107294).
Список пакетов
SUSE Linux Enterprise Module for Basesystem 15
zsh-5.6-3.6.1
Ссылки
- Link for SUSE-SU-2018:2686-1
- E-Mail link for SUSE-SU-2018:2686-1
- SUSE Security Ratings
- SUSE Bug 1107294
- SUSE Bug 1107296
- SUSE CVE CVE-2018-0502 page
- SUSE CVE CVE-2018-13259 page
Описание
An issue was discovered in zsh before 5.6. The beginning of a #! script file was mishandled, potentially leading to an execve call to a program named on the second line.
Затронутые продукты
SUSE Linux Enterprise Module for Basesystem 15:zsh-5.6-3.6.1
Ссылки
- CVE-2018-0502
- SUSE Bug 1107296
- SUSE Bug 1194009
- SUSE Bug 1194012
- SUSE Bug 1200039
- SUSE Bug 1200209
Описание
An issue was discovered in zsh before 5.6. Shebang lines exceeding 64 characters were truncated, potentially leading to an execve call to a program name that is a substring of the intended one.
Затронутые продукты
SUSE Linux Enterprise Module for Basesystem 15:zsh-5.6-3.6.1
Ссылки
- CVE-2018-13259
- SUSE Bug 1107294
- SUSE Bug 1194009
- SUSE Bug 1194012
- SUSE Bug 1200039
- SUSE Bug 1200209