Overview

File _patchinfo of Package patchinfo.22348

<patchinfo incident="22348">
  <issue tracker="cve" id="2018-0502"/>
  <issue tracker="cve" id="2018-13259"/>
  <issue tracker="bnc" id="1107294">VUL-0: CVE-2018-13259: zsh: Shebang lines exceeding 64 characterswere truncated, potentially leading to an execve call to a program name that is a substring of the intended one</issue>
  <issue tracker="bnc" id="1107296">VUL-0: CVE-2018-0502: zsh: The beginning of a #! script file was mishandled, potentially leading to an execve call to a program named on the second line</issue>
  <packager>pperego</packager>
  <rating>important</rating>
  <category>security</category>
  <summary>Security update for zsh</summary>
  <description>This update for zsh fixes the following issues:

- CVE-2018-0502: Fixed execve call vulnerability to program named on the second line when the beginning of a #! script file was mishandled. (bsc#1107296, bsc#1107294)
- CVE-2018-13259: Fixed execve call vulnerability to program name that is a substring of the intended one. (bsc#1107296, bsc#1107294)
</description>
</patchinfo>
openSUSE Build Service is sponsored by
Places