[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Accepted zsh 4.3.17-1+deb7u2 (source all amd64) into oldoldstable



-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Format: 1.8
Date: Sat, 31 Mar 2018 22:56:22 +0200
Source: zsh
Binary: zsh zsh-doc zsh-static zsh-dev zsh-dbg
Architecture: source all amd64
Version: 4.3.17-1+deb7u2
Distribution: wheezy-security
Urgency: high
Maintainer: Debian Zsh Maintainers <pkg-zsh-devel@lists.alioth.debian.org>
Changed-By: Markus Koschany <apo@debian.org>
Description: 
 zsh        - shell with lots of features
 zsh-dbg    - shell with lots of features (debugging symbols)
 zsh-dev    - shell with lots of features (development files)
 zsh-doc    - zsh documentation - info/HTML format
 zsh-static - shell with lots of features (static link)
Changes: 
 zsh (4.3.17-1+deb7u2) wheezy-security; urgency=high
 .
   * Non-maintainer upload by the LTS team.
   * Fix CVE-2018-1071: stack-based buffer overflow in the exec.c:hashcmd()
     function. A local attacker could exploit this to cause a denial of service.
   * Fix CVE-2018-1083: buffer overflow in the shell autocomplete
     functionality. A local unprivileged user can create a specially crafted
     directory path which leads to code execution in the context of the user who
     tries to use autocomplete to traverse the before mentioned path. If the
     user affected is privileged, this leads to privilege escalation.
Checksums-Sha1: 
 a7270a816f958e86400fdb1bbf0157f8ec42de57 2465 zsh_4.3.17-1+deb7u2.dsc
 7470100ad2284c66d681bf1746989559b9b81405 153753 zsh_4.3.17-1+deb7u2.debian.tar.gz
 e0d510c24bc5cb45c94202ee2f50dfb7241752ff 2568638 zsh-doc_4.3.17-1+deb7u2_all.deb
 92d8362f932230b91be26b2d95529f620a668f6b 4916390 zsh_4.3.17-1+deb7u2_amd64.deb
 650ce9ab55cdce32ac316021c17f3de195397403 1545410 zsh-dbg_4.3.17-1+deb7u2_amd64.deb
 54aaae4974b06e117c9f8cc3242d83d76924a8aa 1018666 zsh-static_4.3.17-1+deb7u2_amd64.deb
 399052ac85720c0b5167ccc744ef8b2f3e3b0cc2 84794 zsh-dev_4.3.17-1+deb7u2_amd64.deb
Checksums-Sha256: 
 209a6d7a26a33fb15cc6286a23bf4122f4df01e002e255ee433b2aa3383eb70a 2465 zsh_4.3.17-1+deb7u2.dsc
 90f8555d12cd663701a6e3596796dd23baf54e4ae4384955120d6fc2991d67af 153753 zsh_4.3.17-1+deb7u2.debian.tar.gz
 43c57f46e15671978c41538b28d743ef7f7a2b6668fec413d5483ade5c76d612 2568638 zsh-doc_4.3.17-1+deb7u2_all.deb
 11e0123a7264c64f97432894e41380ed40c38175a4c7bb942a747490e40bae6b 4916390 zsh_4.3.17-1+deb7u2_amd64.deb
 4fa01810e314a728599b2faa79a03048fa5765f859cd2a031d04bcd39bfba9dc 1545410 zsh-dbg_4.3.17-1+deb7u2_amd64.deb
 a3495b3d203c8b886608c0fff7c13c774f8a52607971cc056d8f22eb48511676 1018666 zsh-static_4.3.17-1+deb7u2_amd64.deb
 5c597bfef87fad58a6cfd236dd22cace720f68b02d675897cef7b3a130443fef 84794 zsh-dev_4.3.17-1+deb7u2_amd64.deb
Files: 
 27c069263e8103056ced8a7dfe21d103 2465 shells optional zsh_4.3.17-1+deb7u2.dsc
 69a778f809f3532313ac89079c1486cc 153753 shells optional zsh_4.3.17-1+deb7u2.debian.tar.gz
 e7bbb58e9fb933dfb47e9be410e5053d 2568638 doc optional zsh-doc_4.3.17-1+deb7u2_all.deb
 71830927ddc31b4d2a1bd41658e60ba4 4916390 shells optional zsh_4.3.17-1+deb7u2_amd64.deb
 c7df2bc2ad3e18352a46da0fed124976 1545410 debug extra zsh-dbg_4.3.17-1+deb7u2_amd64.deb
 c97a3068a02f13f6f050790b7010df87 1018666 shells optional zsh-static_4.3.17-1+deb7u2_amd64.deb
 a19950dc4dc41903e5d871e58a6e3e90 84794 libdevel optional zsh-dev_4.3.17-1+deb7u2_amd64.deb

-----BEGIN PGP SIGNATURE-----

iQKjBAEBCgCNFiEErPPQiO8y7e9qGoNf2a0UuVE7UeQFAlq/+zpfFIAAAAAALgAo
aXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldEFD
RjNEMDg4RUYzMkVERUY2QTFBODM1RkQ5QUQxNEI5NTEzQjUxRTQPHGFwb0BkZWJp
YW4ub3JnAAoJENmtFLlRO1HkLkcQALBeKS3jpQ2XuSEDze5j9yfFmAkHTjC+KBqJ
VTZEKjQt4JsXihrMROwKVTSZHs5XclNqaHhyNdlshdns/QqCKISomKqmEmil0CLz
C1s3OalHBGYqhRFMIZrBjAojD1hluZpNuf0S4k2bC63mv4Wfb3AVQ1BNcMMQatvA
j5t3sgexQVQ4gdk2qMdXy8m2FIMg5+LpFUmsZHRiL+XrPlVG0U4Rk/er5qUCRPJg
2jlxOMtEEC/mgyZAAENwz+yJGbvwWsRXmCWSzB7fAzkTkxD7vVz1jqBnSK1rjYZ7
E6paGyoPfjFoHkfoBBXdXdKF9mW+HUtFY89w6yDRkFMyh6hPJsS3aqjl2sduSPcu
RTlPpFXZVWp0Y8bPmhyb368zmmVo6y0l26iDNGclLblJNv1W9DPEx2wk2+Abskjy
gi1SkNO4UT15ntpfnYeq+YXQWBiFv4YjgIk19qP9y2nJMut0qoLfvD0vM+pVCs7V
F3BM1JwKl8O2MfnRes42/AUK421Fa0Id5+Ojv6dLMJvVZYC0WsAfM/PlazEaHQZP
fpbTSfid+aF4kVQ5EfUg/LS2g/brdQhyLYViSovHQwMjTZKxXzklyr+E86CWB5im
goSYT8U8AVknO6uWHdm5WMZvF5Zw3SfxTmwB6c9sBzefMNPOroQxuCLj588KfKDn
uO0MTsIA
=rJLj
-----END PGP SIGNATURE-----


Reply to: