Overview

File _patchinfo of Package patchinfo.8627

<patchinfo incident="8627">
  <issue tracker="bnc" id="1107294">VUL-0: CVE-2018-13259: zsh: Shebang lines exceeding 64 characterswere truncated, potentially leading to an execve call to a program name that is a substring of the intended one</issue>
  <issue tracker="bnc" id="1107296">VUL-0: CVE-2018-0502: zsh: The beginning of a #! script file was mishandled, potentially leading to an execve call to a program named on the second line</issue>
  <issue tracker="cve" id="2018-13259"/>
  <issue tracker="cve" id="2018-0502"/>
  <category>security</category>
  <rating>important</rating>
  <packager>namtrac</packager>
  <description>This update for zsh to version 5.6 fixes the following security issues:

- CVE-2018-0502: The beginning of a #! script file was mishandled, potentially
  leading to an execve call to a program named on the second line (bsc#1107296).
- CVE-2018-13259: Shebang lines exceeding 64 characters were truncated,
  potentially leading to an execve call to a program name that is a substring of
  the intended one (bsc#1107294).
</description>
  <summary>Security update for zsh</summary>
</patchinfo>
openSUSE Build Service is sponsored by
Places