ELSA-2018-1932 - zsh security update
| Type: | SECURITY |
| Severity: | MODERATE |
| Release Date: | 2018-06-25 |
Description
[4.3.11-8]
- fix defects detected by Coverity related to CVE-2017-18206 and CVE-2018-1083
[4.3.11-7]
- fix stack-based buffer overflow in utils.c:checkmailpath() (CVE-2018-1100)
- fix stack-based buffer overflow in gen_matches_files() (CVE-2018-1083)
- fix buffer overrun in xsymlinks (CVE-2017-18206)
- fix buffer overflow when scanning very long path for symlinks (CVE-2014-10072)
[4.3.11-6]
- signal-handling related fixes collected from upstream (#1311166)
[4.3.11-5]
- fix malloc() signal leak in lexsave() (#1267903)
Related CVEs
Updated Packages
| Release/Architecture | Filename | MD5sum | Superseded By Advisory |
|
| Oracle Linux 6 (i386) | zsh-4.3.11-8.el6.src.rpm | 9557cf7027c6231565e060dc0cf8f67a | ELSA-2020-0892 |
| zsh-4.3.11-8.el6.i686.rpm | 3e306cce7e5c410660d3ba4c76e36d58 | ELSA-2020-0892 |
| zsh-html-4.3.11-8.el6.i686.rpm | 8cc150a125890bbcbf8663f6a96cfd30 | ELBA-2018-2897 |
|
| Oracle Linux 6 (x86_64) | zsh-4.3.11-8.el6.src.rpm | 9557cf7027c6231565e060dc0cf8f67a | ELSA-2020-0892 |
| zsh-4.3.11-8.el6.x86_64.rpm | dadf2725df32eb3fbc61fbd9c40ad35a | ELSA-2020-0892 |
| zsh-html-4.3.11-8.el6.x86_64.rpm | 568fa3d749dca6010599244de9f27072 | ELBA-2018-2897 |
This page is generated automatically and has not been checked for errors or omissions. For clarification
or corrections please contact the Oracle Linux ULN team
