Information on source package zsh

Available versions

ReleaseVersion
jessie5.0.7-5+deb8u4
stretch5.3.1-4+deb9u5
buster5.7.1-1+deb10u1
bullseye5.8-6+deb11u1
bookworm5.9-4
trixie5.9-8
sid5.9-8

Open issues

BugjessiestretchbusterbullseyebookwormtrixiesidDescription
CVE-2019-20044fixedfixedvulnerable (no DSA)fixedfixedfixedfixedIn Zsh before 5.8, attackers able to execute commands can regain privi ...

Open unimportant issues

BugjessiestretchbusterbullseyebookwormtrixiesidDescription
CVE-2018-7549vulnerablevulnerablefixedfixedfixedfixedfixedIn params.c in zsh through 5.4.2, there is a crash during a copy of an ...
CVE-2018-7548vulnerablevulnerablefixedfixedfixedfixedfixedIn subst.c in zsh through 5.4.2, there is a NULL pointer dereference w ...
CVE-2017-18205vulnerablevulnerablefixedfixedfixedfixedfixedIn builtin.c in zsh before 5.4, when sh compatibility mode is used, th ...

Resolved issues

BugDescription
CVE-2021-45444In zsh before 5.8.1, an attacker can achieve code execution if they co ...
CVE-2018-13259An issue was discovered in zsh before 5.6. Shebang lines exceeding 64 ...
CVE-2018-1100zsh through version 5.4.2 is vulnerable to a stack-based buffer overfl ...
CVE-2018-1083Zsh before version 5.4.2-test-1 is vulnerable to a buffer overflow in ...
CVE-2018-1071zsh through version 5.4.2 is vulnerable to a stack-based buffer overfl ...
CVE-2018-0502An issue was discovered in zsh before 5.6. The beginning of a #! scrip ...
CVE-2017-18206In utils.c in zsh before 5.4, symlink expansion had a buffer overflow.
CVE-2016-10714In zsh before 5.3, an off-by-one error resulted in undersized buffers ...
CVE-2014-10072In utils.c in zsh before 5.0.6, there is a buffer overflow when scanni ...
CVE-2014-10071In exec.c in zsh before 5.0.7, there is a buffer overflow for very lon ...
CVE-2014-10070zsh before 5.0.7 allows evaluation of the initial values of integer va ...
CVE-2007-6209Util/difflog.pl in zsh 4.3.4 allows local users to overwrite arbitrary ...

Security announcements

DSA / DLADescription
DLA-2926-1zsh - security update
ELA-565-1zsh - security update
DSA-5078-1zsh - security update
DLA-2470-1zsh - security update
ELA-316-1zsh - security update
DLA-2117-1zsh - security update
DLA-1335-1zsh - security update
DLA-1304-1zsh - security update

Search for package or bug name: Reporting problems