[REQUEST FOR TESTING] zsh 5.0.7-5+deb8u1

To: debian-lts@lists.debian.org
Subject: [REQUEST FOR TESTING] zsh 5.0.7-5+deb8u1
From: Roberto C. Sánchez <roberto@debian.org>
Date: Tue, 18 Feb 2020 17:29:32 -0500
Message-id: <[🔎] 20200218222932.GE4150@connexer.com>
Mail-followup-to: Roberto C. Sánchez <roberto@debian.org>, debian-lts@lists.debian.org

Hello all,

I have prepared an update of zsh to address CVE-2019-20044.  I have
tested the resulting packages, including specifically testing to ensure
that the backported patches address the privilege escalation
vulnerability.  However, given the magnitude of the change (patches
totalling around 850 lines in all) and the fact that as a shell zsh is a
particularly important bit of infrastructure, I would greatly appreciate
some additional testing by any regular zsh users out there; I am not a
regular zsh user.

A signed package is available here: https://people.debian.org/~roberto/zsh/

In the absence of any negative reports, I intend to upload and publish
the corresponding advisory sometime on Monday, 24th February.

Regards,

-Roberto

-- 
Roberto C. Sánchez

Reply to:

Prev by Date: Re: Issues regarding ruby-rack/CVE-2019-16782
Next by Date: Re: (semi-)automatic unclaim of packages with more than 2 weeks of inactivity (and missing DLAs on www.do)
Previous by thread: Re: on updating debian-security-support in stable and oldstable (due to DSA-4562-1)
Next by thread: Re: Bug#931376: debian-security-support: mention nodejs is not for untrusted content
Index(es):
- Date
- Thread