Описание
Security update for zsh
This update for zsh to version 5.6 fixes the following security issues:
- CVE-2018-0502: The beginning of a #! script file was mishandled, potentially leading to an execve call to a program named on the second line (bsc#1107296).
- CVE-2018-13259: Shebang lines exceeding 64 characters were truncated, potentially leading to an execve call to a program name that is a substring of the intended one (bsc#1107294).
This update was imported from the SUSE:SLE-15:Update update project.
Список пакетов
openSUSE Leap 15.0
zsh-5.6-lp150.2.6.1
zsh-htmldoc-5.6-lp150.2.6.1
Ссылки
- E-Mail link for openSUSE-SU-2018:2741-1
- SUSE Security Ratings
Описание
An issue was discovered in zsh before 5.6. The beginning of a #! script file was mishandled, potentially leading to an execve call to a program named on the second line.
Затронутые продукты
openSUSE Leap 15.0:zsh-5.6-lp150.2.6.1
openSUSE Leap 15.0:zsh-htmldoc-5.6-lp150.2.6.1
Ссылки
- CVE-2018-0502
- SUSE Bug 1107296
Описание
An issue was discovered in zsh before 5.6. Shebang lines exceeding 64 characters were truncated, potentially leading to an execve call to a program name that is a substring of the intended one.
Затронутые продукты
openSUSE Leap 15.0:zsh-5.6-lp150.2.6.1
openSUSE Leap 15.0:zsh-htmldoc-5.6-lp150.2.6.1
Ссылки
- CVE-2018-13259
- SUSE Bug 1107294