CLSA-2026-1777051545 zsh: Fix of 3 CVEs

CVE-2018-1071: check bounds when copying path in hashcmd - CVE-2018-7549: avoid crash copying empty hash table - CVE-2018-13259: fix shebang line truncation in zexecve...

EUVD-2018-19276

Malware in sbrugna...

SUSE CVE-2018-7549

In params.c in zsh through 5.4.2, there is a crash during a copy of an empty hash table, as demonstrated by typeset -p...

zsh Denial of Service Vulnerability

Z Shell Zsh is a Unix shell that can be used as an interactive login shell and a powerful shell script command interpreter. A denial of service vulnerability exists in params.c in zsh versions 5.4.2 and earlier during the copying of an empty hash table. An attacker can exploit this vulnerability ...

DEBIAN-CVE-2018-7549

In params.c in zsh through 5.4.2, there is a crash during a copy of an empty hash table, as demonstrated by typeset -p...

CVE-2018-7549

In params.c in zsh through 5.4.2, there is a crash during a copy of an empty hash table, as demonstrated by typeset -p...

CVE-2018-7549

CVE-2018-7549 affects zsh (through 5.4.2): a NULL pointer dereference in params.c during a copy of an empty hash table can crash the shell, enabling denial-of-service locally. Several advisories (Red Hat RHSA-2018:3073, CentOS CESA-2018:3073, Amazon Linux ALAS2-2018-986, Fedora advisories) note t...

CVE-2018-7549

In params.c in zsh through 5.4.2, there is a crash during a copy of an empty hash table, as demonstrated by typeset -p...

UBUNTU-CVE-2018-7549

In params.c in zsh through 5.4.2, there is a crash during a copy of an empty hash table, as demonstrated by typeset -p...