Release | Version |
---|---|
jessie | 5.0.7-5+deb8u4 |
stretch | 5.3.1-4+deb9u5 |
buster | 5.7.1-1+deb10u1 |
bullseye | 5.8-6+deb11u1 |
bookworm | 5.9-4 |
trixie | 5.9-8 |
sid | 5.9-8 |
Bug | jessie | stretch | buster | bullseye | bookworm | trixie | sid | Description |
---|---|---|---|---|---|---|---|---|
CVE-2019-20044 | fixed | fixed | vulnerable (no DSA) | fixed | fixed | fixed | fixed | In Zsh before 5.8, attackers able to execute commands can regain privi ... |
Bug | jessie | stretch | buster | bullseye | bookworm | trixie | sid | Description |
---|---|---|---|---|---|---|---|---|
CVE-2018-7549 | vulnerable | vulnerable | fixed | fixed | fixed | fixed | fixed | In params.c in zsh through 5.4.2, there is a crash during a copy of an ... |
CVE-2018-7548 | vulnerable | vulnerable | fixed | fixed | fixed | fixed | fixed | In subst.c in zsh through 5.4.2, there is a NULL pointer dereference w ... |
CVE-2017-18205 | vulnerable | vulnerable | fixed | fixed | fixed | fixed | fixed | In builtin.c in zsh before 5.4, when sh compatibility mode is used, th ... |
Bug | Description |
---|---|
CVE-2021-45444 | In zsh before 5.8.1, an attacker can achieve code execution if they co ... |
CVE-2018-13259 | An issue was discovered in zsh before 5.6. Shebang lines exceeding 64 ... |
CVE-2018-1100 | zsh through version 5.4.2 is vulnerable to a stack-based buffer overfl ... |
CVE-2018-1083 | Zsh before version 5.4.2-test-1 is vulnerable to a buffer overflow in ... |
CVE-2018-1071 | zsh through version 5.4.2 is vulnerable to a stack-based buffer overfl ... |
CVE-2018-0502 | An issue was discovered in zsh before 5.6. The beginning of a #! scrip ... |
CVE-2017-18206 | In utils.c in zsh before 5.4, symlink expansion had a buffer overflow. |
CVE-2016-10714 | In zsh before 5.3, an off-by-one error resulted in undersized buffers ... |
CVE-2014-10072 | In utils.c in zsh before 5.0.6, there is a buffer overflow when scanni ... |
CVE-2014-10071 | In exec.c in zsh before 5.0.7, there is a buffer overflow for very lon ... |
CVE-2014-10070 | zsh before 5.0.7 allows evaluation of the initial values of integer va ... |
CVE-2007-6209 | Util/difflog.pl in zsh 4.3.4 allows local users to overwrite arbitrary ... |
DSA / DLA | Description |
---|---|
DLA-2926-1 | zsh - security update |
ELA-565-1 | zsh - security update |
DSA-5078-1 | zsh - security update |
DLA-2470-1 | zsh - security update |
ELA-316-1 | zsh - security update |
DLA-2117-1 | zsh - security update |
DLA-1335-1 | zsh - security update |
DLA-1304-1 | zsh - security update |