[ubuntu/bionic-updates] zsh 5.4.2-3ubuntu3.2 (Accepted)
Ubuntu Archive Robot
ubuntu-archive-robot at lists.canonical.com
Mon Mar 14 16:28:14 UTC 2022
zsh (5.4.2-3ubuntu3.2) bionic-security; urgency=medium
* SECURITY UPDATE: Regain dropped privileges
- debian/patches/CVE-2019-20044-pre.patch: change the order of the calls to
setgid (this should go first) and setuid in Src/options.c.
- debian/patches/CVE-2019-20044-1.patch: add extra checks to drop privileges
securely in Src/options.c.
- debian/patches/CVE-2019-20044-2.patch: add Src/openssh_bsd_setres_id.c
and its object file to Src/zsh.mdd, fix some of the checks from the
previous patch in Src/options.c, update compatibility wrappers in
Src/zsh_system.h, update the uid/gid methods in AC_CHECK_FUNCS in
configure.ac and add a test in Test/E01options.ztst.
- debian/patches/CVE-2019-20044-3.patch: improve Src/options.c changes from
above two patches.
- debian/patches/CVE-2019-20044-4.patch: clean up white spaces in
Src/options.c.
- debian/patches/CVE-2019-20044-5.patch: add privileged tests to
Test/P01privileged.ztst, remove the notes on privileged test in
Test/E01options.ztst and add the prilived tests to the Test/README.
- CVE-2019-20044
* SECURITY UPDATE: Arbitrary code execution
- debian/patches/CVE-2021-45444.patch: save PROMPTSUBST option before
the call to promptexpand() in b/Src/prompt.c and restore after it is
executed.
- CVE-2021-45444
Date: 2022-03-11 21:27:11.090667+00:00
Changed-By: Rodrigo Figueiredo Zaiden <rodrigo.zaiden at canonical.com>
Signed-By: Ubuntu Archive Robot <ubuntu-archive-robot at lists.canonical.com>
https://launchpad.net/ubuntu/+source/zsh/5.4.2-3ubuntu3.2
-------------- next part --------------
Sorry, changesfile not available.
More information about the Bionic-changes
mailing list