Fedora 28: zsh Security Update 2018-16bb8b00c5
Summary
The zsh shell is a command interpreter usable as an interactive login
shell and as a shell script command processor. Zsh resembles the ksh
shell (the Korn shell), but includes many enhancements. Zsh supports
command line editing, built-in spelling correction, programmable
command completion, shell functions (with autoloading), a history
mechanism, and more.
- fix two security issues in shebang line parsing (CVE-2018-0502 CVE-2018-13259)
* Tue Sep 4 2018 Kamil Dudka
- fix two security issues in shebang line parsing (CVE-2018-0502 CVE-2018-13259)
* Tue Apr 17 2018 Kamil Dudka
- update to latest upstream release
[ 1 ] Bug #1626190 - CVE-2018-0502 zsh: Improper parsing of the shebang line with special chars [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1626190
[ 2 ] Bug #1626185 - CVE-2018-13259 zsh: Improper handling of shebang line longer than 64 [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1626185
su -c 'dnf upgrade --advisory FEDORA-2018-16bb8b00c5' at the command
line. For more information, refer to the dnf documentation available at
https://dnf.readthedocs.io/en/latest/command_ref.html
All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/security/
package-announce mailing list -- package-announce@lists.fedoraproject.org
To unsubscribe send an email to package-announce-leave@lists.fedoraproject.org
Fedora Code of Conduct: List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives: https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/
FEDORA-2018-16bb8b00c5 2018-09-11 16:50:57.490065 Product : Fedora 28 Version : 5.5.1 Release : 2.fc28 URL : https://zsh.sourceforge.io/ Summary : Powerful interactive shell Description : The zsh shell is a command interpreter usable as an interactive login shell and as a shell script command processor. Zsh resembles the ksh shell (the Korn shell), but includes many enhancements. Zsh supports command line editing, built-in spelling correction, programmable command completion, shell functions (with autoloading), a history mechanism, and more. - fix two security issues in shebang line parsing (CVE-2018-0502 CVE-2018-13259) * Tue Sep 4 2018 Kamil Dudka - 5.5.1-2 - fix two security issues in shebang line parsing (CVE-2018-0502 CVE-2018-13259) * Tue Apr 17 2018 Kamil Dudka - 5.5.1-1 - update to latest upstream release [ 1 ] Bug #1626190 - CVE-2018-0502 zsh: Improper parsing of the shebang line with special chars [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1626190 [ 2 ] Bug #1626185 - CVE-2018-13259 zsh: Improper handling of shebang line longer than 64 [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1626185 su -c 'dnf upgrade --advisory FEDORA-2018-16bb8b00c5' at the command line. For more information, refer to the dnf documentation available at https://dnf.readthedocs.io/en/latest/command_ref.html All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/security/ package-announce mailing list -- package-announce@lists.fedoraproject.org To unsubscribe send an email to package-announce-leave@lists.fedoraproject.org Fedora Code of Conduct: List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/
Change Log
References