Explore top 10 tips to secure your open-source projects now. Read More
×
Several security issues were fixed in Zsh.
Software Description:
- zsh: shell with lots of features
Details:
It was discovered that Zsh incorrectly handled certain enviroment
variables. An attacker could possibly use this issue to gain privileged
access to the system. This issue only affected Ubuntu 14.04 LTS.
(CVE-2014-10070)
It was discovered that Zsh incorrectly handled certain inputs.
An attacker could possibly use this to execute arbitrary code. This
issue only affected Ubuntu 14.04 LTS. (CVE-2014-10071)
It was discovered that Zsh incorrectly handled some symbolic links.
An attacker could possibly use this to execute arbitrary code. This
issue only affected Ubuntu 14.04 LTS. (CVE-2014-10072)
It was discovered that Zsh incorrectly handled certain errors. An
attacker could possibly use this issue to cause a denial of service.
(CVE-2016-10714)
It was discovered that Zsh incorrectly handled certain commands. An
attacker could possibly use this t...
The problem can be corrected by updating your system to the following package versions: Ubuntu 17.10: zsh 5.2-5ubuntu1.1 Ubuntu 16.04 LTS: zsh 5.1.1-1ubuntu2.1 Ubuntu 14.04 LTS: zsh 5.0.2-3ubuntu6.1 After a standard system update you need to restart Zsh to make all the necessary changes.
https://ubuntu.com/security/notices/USN-3593-1
CVE-2014-10070, CVE-2014-10071, CVE-2014-10072, CVE-2016-10714,
CVE-2017-18205, CVE-2017-18206, CVE-2018-7548, CVE-2018-7549
Get the latest Linux and open source security news straight to your inbox.