zsh 5.4.2-3ubuntu3.2 source package in Ubuntu
Changelog
zsh (5.4.2-3ubuntu3.2) bionic-security; urgency=medium
* SECURITY UPDATE: Regain dropped privileges
- debian/patches/CVE-2019-20044-pre.patch: change the order of the calls to
setgid (this should go first) and setuid in Src/options.c.
- debian/patches/CVE-2019-20044-1.patch: add extra checks to drop privileges
securely in Src/options.c.
- debian/patches/CVE-2019-20044-2.patch: add Src/openssh_bsd_setres_id.c
and its object file to Src/zsh.mdd, fix some of the checks from the
previous patch in Src/options.c, update compatibility wrappers in
Src/zsh_system.h, update the uid/gid methods in AC_CHECK_FUNCS in
configure.ac and add a test in Test/E01options.ztst.
- debian/patches/CVE-2019-20044-3.patch: improve Src/options.c changes from
above two patches.
- debian/patches/CVE-2019-20044-4.patch: clean up white spaces in
Src/options.c.
- debian/patches/CVE-2019-20044-5.patch: add privileged tests to
Test/P01privileged.ztst, remove the notes on privileged test in
Test/E01options.ztst and add the prilived tests to the Test/README.
- CVE-2019-20044
* SECURITY UPDATE: Arbitrary code execution
- debian/patches/CVE-2021-45444.patch: save PROMPTSUBST option before
the call to promptexpand() in b/Src/prompt.c and restore after it is
executed.
- CVE-2021-45444
-- Rodrigo Figueiredo Zaiden <email address hidden> Fri, 11 Mar 2022 10:46:35 -0300
Upload details
- Uploaded by:
- Rodrigo Figueiredo Zaiden
- Uploaded to:
- Bionic
- Original maintainer:
- Ubuntu Developers
- Architectures:
- any all
- Section:
- shells
- Urgency:
- Medium Urgency
See full publishing history Publishing
| Series | Published | Component | Section | |
|---|---|---|---|---|
| Bionic | updates | main | shells | |
| Bionic | security | main | shells |
Downloads
| File | Size | SHA-256 Checksum |
|---|---|---|
| zsh_5.4.2.orig.tar.xz | 2.5 MiB | 3d174d01a7835e63f63991d1786f95b740646d9894d45a6bb0fba4615e73634c |
| zsh_5.4.2-3ubuntu3.2.debian.tar.xz | 90.4 KiB | faabc7539b4b77c334fbc78ccc29edac6377d85c054225ca23c09c3b50410cd2 |
| zsh_5.4.2-3ubuntu3.2.dsc | 2.3 KiB | 1c8b24b8fb978fa2adf8b02da280cd172b20508dd92459b73f4d6f32683ef1ba |
Available diffs
Binary packages built by this source
- zsh: shell with lots of features
Zsh is a UNIX command interpreter (shell) usable as an
interactive login shell and as a shell script command
processor. Of the standard shells, zsh most closely resembles
ksh but includes many enhancements. Zsh has command-line editing,
built-in spelling correction, programmable command completion,
shell functions (with autoloading), a history mechanism, and a
host of other features.
- zsh-common: architecture independent files for Zsh
Zsh is a UNIX command interpreter (shell) usable as an
interactive login shell and as a shell script command
processor. Of the standard shells, zsh most closely resembles
ksh but includes many enhancements. Zsh has command-line editing,
built-in spelling correction, programmable command completion,
shell functions (with autoloading), a history mechanism, and a
host of other features.
.
This package contains the common zsh files shared by all
architectures.
- zsh-dbgsym: debug symbols for zsh
- zsh-dev: shell with lots of features (development files)
Zsh is a UNIX command interpreter (shell) usable as an
interactive login shell and as a shell script command
processor. Of the standard shells, zsh most closely resembles
ksh but includes many enhancements. Zsh has command-line editing,
built-in spelling correction, programmable command completion,
shell functions (with autoloading), a history mechanism, and a
host of other features.
.
This package contains headers and scripts necessary to compile
third-party modules.
- zsh-doc: zsh documentation - info/HTML format
Zsh is a UNIX command interpreter (shell) usable as an
interactive login shell and as a shell script command
processor. Of the standard shells, zsh most closely resembles
ksh but includes many enhancements. Zsh has command-line editing,
built-in spelling correction, programmable command completion,
shell functions (with autoloading), a history mechanism, and a
host of other features.
.
This contains the documentation in GNU info and HTML formats.
- zsh-static: shell with lots of features (static link)
Zsh is a UNIX command interpreter (shell) usable as an
interactive login shell and as a shell script command
processor. Of the standard shells, zsh most closely resembles
ksh but includes many enhancements. Zsh has command-line editing,
built-in spelling correction, programmable command completion,
shell functions (with autoloading), a history mechanism, and a
host of other features.
.
This is the statically-compiled version of the shell.
- zsh-static-dbgsym: debug symbols for zsh-static
