Lucene search
SuseSUSE-SU-2018:1072-1HistoryApr 25, 2018 - 6:07 p.m.
Security update for zsh (important)
2018-04-2518:07:15
lists.opensuse.org
66
0.007 Low
EPSS
Percentile
78.3%
This update for zsh fixes the following issues:
- CVE-2014-10070: environment variable injection could lead to local
privilege escalation (bnc#1082885)
- CVE-2014-10071: buffer overflow in exec.c could lead to denial of
service. (bnc#1082977)
- CVE-2014-10072: buffer overflow In utils.c when scanning very long
directory paths for symbolic links. (bnc#1082975)
- CVE-2016-10714: In zsh before 5.3, an off-by-one error resulted in
undersized buffers that were intended to support PATH_MAX characters.
(bnc#1083250)
- CVE-2017-18205: In builtin.c when sh compatibility mode is used, a
NULL pointer dereference could lead to denial of service (bnc#1082998)
- CVE-2018-1071: exec.c:hashcmd() function vulnerability could lead to
denial of service. (bnc#1084656)
- CVE-2018-1083: Autocomplete vulnerability could lead to privilege
escalation. (bnc#1087026)
- CVE-2018-7549: In params.c in zsh through 5.4.2, there is a crash
during a copy of an empty hash table, as demonstrated by typeset -p.
(bnc#1082991)
- CVE-2017-18206: buffer overrun in xsymlinks could lead to denial of
service (bnc#1083002)
- Autocomplete and REPORTTIME broken (bsc#896914)
Related
openvas
openvas
openSUSE: Security Advisory for zsh (openSUSE-SU-2018:1093-1)
2018-04-27 00:00:00
SUSE: Security Advisory (SUSE-SU-2018:1072-1)
2021-04-19 00:00:00
Ubuntu: Security Advisory (USN-3593-1)
2018-10-26 00:00:00
suse
suse
Security update for zsh (important)
2018-04-27 00:07:15
Security update for zsh (moderate)
2018-07-06 00:07:46
Security update for zsh (important)
2018-10-02 12:07:57
nessus
nessus
openSUSE Security Update : zsh (openSUSE-2018-399)
2018-04-27 00:00:00
SUSE SLED12 / SLES12 Security Update : zsh (SUSE-SU-2018:1072-1)
2018-04-26 00:00:00
Ubuntu 14.04 LTS / 16.04 LTS : Zsh vulnerabilities (USN-3593-1)
2018-03-09 00:00:00
ubuntu
ubuntu
Zsh vulnerabilities
2018-03-08 00:00:00
Zsh vulnerabilities
2018-03-27 00:00:00
osv
osv
zsh - security update
2018-03-09 00:00:00
zsh - security update
2018-03-31 00:00:00
zsh - security update
2020-11-30 00:00:00
debian
debian
[SECURITY] [DLA 1304-1] zsh security update
2018-03-09 17:01:59
[SECURITY] [DLA 1335-1] zsh security update
2018-03-31 22:19:41
[SECURITY] [DLA 2470-1] zsh security update
2020-12-01 03:35:46
amazon
amazon
oraclelinux
oraclelinux
zsh security and bug fix update
2018-11-05 00:00:00
zsh security update
2018-06-25 00:00:00
centos
centos
zsh security update
2018-11-15 18:54:22
zsh security update
2018-06-21 11:56:17
redhat
redhat
(RHSA-2018:3073) Moderate: zsh security and bug fix update
2018-10-30 04:16:11
(RHSA-2018:1932) Moderate: zsh security update
2018-06-19 02:12:48
slackware
slackware
[slackware-security] zsh
2019-01-14 04:33:07
gentoo
gentoo
Zsh: Multiple vulnerabilities
2018-05-26 00:00:00
fedora
fedora
[SECURITY] Fedora 26 Update: zsh-5.3.1-7.fc26
2018-03-20 17:37:50
[SECURITY] Fedora 27 Update: zsh-5.4.1-3.fc27
2018-05-05 22:28:53
[SECURITY] Fedora 27 Update: zsh-5.4.1-4.fc27
2018-09-14 21:54:37
mageia
mageia
Updated zsh packages fix security vulnerabilities
2018-03-14 19:21:20
Updated zsh packages fix security vulnerabilities
2018-04-20 20:24:13
rosalinux
rosalinux
Advisory ROSA-SA-2021-2005
2021-07-02 18:22:15
prion
prion
Input validation
2018-02-27 22:29:00
Null pointer dereference
2018-02-27 22:29:00
Buffer overflow
2018-02-27 22:29:00
cve
cve
redhatcve
redhatcve
ubuntucve
ubuntucve
debiancve
debiancve
veracode
veracode
Denial Of Service (DoS)
2019-01-15 09:24:27
Privilege Escalation
2019-05-16 03:01:47
Denial Of Service (DoS)
2020-05-10 23:21:18
alpinelinux
alpinelinux
CVE-2018-1071
2018-03-09 15:29:00
CVE-2018-1083
2018-03-28 13:29:00
photon
photon
archlinux
archlinux
[ASA-201804-7] zsh: denial of service
2018-04-19 00:00:00
rapid7blog
rapid7blog
Driver-Based Attacks: Past and Present
2021-12-13 14:00:00