Overview

File _patchinfo of Package patchinfo.23100

<patchinfo incident="23100">
  <issue tracker="cve" id="2019-20044"/>
  <issue tracker="bnc" id="1163882">VUL-0: CVE-2019-20044: zsh: insecure dropping of privileges when unsetting PRIVILEGED option</issue>
  <issue tracker="cve" id="2021-45444"/>
  <issue tracker="bnc" id="1196435">VUL-0: CVE-2021-45444: zsh: Prompt expansion vulnerability</issue>
  <packager>pperego</packager>
  <rating>important</rating>
  <category>security</category>
  <summary>Security update for zsh</summary>
  <description>This update for zsh fixes the following issues:

- CVE-2021-45444: Fixed a vulnerability where arbitrary shell commands could be 
  executed related to prompt expansion (bsc#1196435).
- CVE-2019-20044: Fixed a vulnerability where shell privileges would not be
  properly dropped when unsetting the PRIVILEGED option (bsc#1163882).
</description>
</patchinfo>
openSUSE Build Service is sponsored by
Places