zsh: CVE-2018-1071

Related Vulnerabilities: CVE-2018-1071   CVE-2018-1083  

Debian Bug report logs - #894044
zsh: CVE-2018-1071


Reported by: Salvatore Bonaccorso <carnil@debian.org>

Date: Sun, 25 Mar 2018 19:06:01 UTC

Severity: normal

Tags: fixed-upstream, patch, security, upstream

Found in versions zsh/5.4.2-3, zsh/5.4.2-1

Fixed in version zsh/5.4.2-4

Done: Axel Beckert <abe@debian.org>

Bug is archived. No further changes may be made.



Report forwarded to debian-bugs-dist@lists.debian.org, carnil@debian.org, team@security.debian.org, Debian Zsh Maintainers <pkg-zsh-devel@lists.alioth.debian.org>:
Bug#894044; Package src:zsh. (Sun, 25 Mar 2018 19:06:04 GMT)


Acknowledgement sent to Salvatore Bonaccorso <carnil@debian.org>:
New Bug report received and forwarded. Copy sent to carnil@debian.org, team@security.debian.org, Debian Zsh Maintainers <pkg-zsh-devel@lists.alioth.debian.org>. (Sun, 25 Mar 2018 19:06:04 GMT)


Message #5 received at submit@bugs.debian.org:

From: Salvatore Bonaccorso <carnil@debian.org>
To: Debian Bug Tracking System <submit@bugs.debian.org>
Subject: zsh: CVE-2018-1071
Date: Sun, 25 Mar 2018 21:03:16 +0200
Source: zsh
Version: 5.4.2-3
Severity: normal
Tags: patch security upstream

Hi,

the following vulnerability was published for zsh.

CVE-2018-1071[0]:
| zsh through version 5.4.2 is vulnerable to a stack-based buffer
| overflow in the exec.c:hashcmd() function. A local attacker could
| exploit this to cause a denial of service.

If you fix the vulnerability please also make sure to include the
CVE (Common Vulnerabilities & Exposures) id in your changelog entry.

For further information see:

[0] https://security-tracker.debian.org/tracker/CVE-2018-1071
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1071
[1] https://sourceforge.net/p/zsh/code/ci/679b71ec4d852037fe5f73d35bf557b0f406c8d4

Please adjust the affected versions in the BTS as needed.

Regards,
Salvatore



Added tag(s) fixed-upstream and pending. Request was from Axel Beckert <abe@debian.org> to control@bugs.debian.org. (Wed, 04 Apr 2018 23:27:06 GMT)


Marked as found in versions zsh/5.4.2-1. Request was from Axel Beckert <abe@debian.org> to control@bugs.debian.org. (Wed, 04 Apr 2018 23:27:06 GMT)


Reply sent to Axel Beckert <abe@debian.org>:
You have taken responsibility. (Sat, 07 Apr 2018 03:09:08 GMT)


Notification sent to Salvatore Bonaccorso <carnil@debian.org>:
Bug acknowledged by developer. (Sat, 07 Apr 2018 03:09:09 GMT)


Message #14 received at 894044-close@bugs.debian.org:

From: Axel Beckert <abe@debian.org>
To: 894044-close@bugs.debian.org
Subject: Bug#894044: fixed in zsh 5.4.2-4
Date: Sat, 07 Apr 2018 03:06:10 +0000
Source: zsh
Source-Version: 5.4.2-4

We believe that the bug you reported is fixed in the latest version of
zsh, which is due to be installed in the Debian FTP archive.

A summary of the changes between this version and the previous one is
attached.

Thank you for reporting the bug, which will now be closed.  If you
have further comments please address them to 894044@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.

Debian distribution maintenance software
pp.
Axel Beckert <abe@debian.org> (supplier of updated zsh package)

(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmaster@ftp-master.debian.org)



Format: 1.8
Date: Sat, 07 Apr 2018 03:50:13 +0200
Source: zsh
Binary: zsh-common zsh zsh-doc zsh-static zsh-dev
Architecture: source all amd64
Version: 5.4.2-4
Distribution: unstable
Urgency: medium
Maintainer: Debian Zsh Maintainers <pkg-zsh-devel@lists.alioth.debian.org>
Changed-By: Axel Beckert <abe@debian.org>
Description:
 zsh        - shell with lots of features
 zsh-common - architecture independent files for Zsh
 zsh-dev    - shell with lots of features (development files)
 zsh-doc    - zsh documentation - info/HTML format
 zsh-static - shell with lots of features (static link)
Closes: 894043 894044
Changes:
 zsh (5.4.2-4) unstable; urgency=medium
 .
   * [d49689fe] Cherry-pick upstream patches to fix:
     + CVE-2018-1071 (Check bounds when copying path in "hashcmd()".
       Closes: #894044)
     + CVE-2018-1083 (Check bounds on PATH_MAX-sized buffer used for file
       completion candidates. Closes: #894043)
   * [01004557] Drop zsh-static lintian override for no more emitted tag.
   * [5c603baa] Update Vcs-* headers for move to Salsa.
   * [35768486] Declare compliance with Debian Policy 4.1.4. (No other
     changes were required.)
Checksums-Sha1:
 48e20986918e66ed05d42b935435397e32b5873e 2475 zsh_5.4.2-4.dsc
 1049fb1a1cf2737bd8c4493d069088d4fa84effd 77020 zsh_5.4.2-4.debian.tar.xz
 cd5934827588ce2f281b8902b145ce2cefe8d3fd 3529684 zsh-common_5.4.2-4_all.deb
 cc2908537d5f5d337ccd790fff6a5a6aa88de984 2156544 zsh-dbgsym_5.4.2-4_amd64.deb
 8fd622439c793c7e9c7621552c4f6dd0ae6c0606 243284 zsh-dev_5.4.2-4_amd64.deb
 c644d0936b4383366dc837c17b4dcfdc6bdf3d08 2662460 zsh-doc_5.4.2-4_all.deb
 cf04ccbc58e1b1fae69bc2e43874e59228211b2d 1563752 zsh-static-dbgsym_5.4.2-4_amd64.deb
 33e61acca0d9e05653276b31d3f777ee566ad6f5 1089264 zsh-static_5.4.2-4_amd64.deb
 e860516229c7a43b9118c89cb49bf25d65318368 9762 zsh_5.4.2-4_amd64.buildinfo
 bab2f8bd7bb20f58fd375bb68cc93fde5e76c75d 844744 zsh_5.4.2-4_amd64.deb
Checksums-Sha256:
 d5308a764204a7b0535e16aff78090314464cf764fd9424d20081cf05b052ae7 2475 zsh_5.4.2-4.dsc
 9775340ef5a2273c13f51f8ffa70b8238980da51c024723c2718d4af5240c5c1 77020 zsh_5.4.2-4.debian.tar.xz
 c175eee77b970e295d1c9652d68436e661ef4f721fc63dc397b8f8b3e6b70553 3529684 zsh-common_5.4.2-4_all.deb
 efd13dbbcbc22ab566304d91ca2c4a852755293cbca5abf624b8d4dcc04afe69 2156544 zsh-dbgsym_5.4.2-4_amd64.deb
 1644e42167cda1b63365880897d178a817bc99644f4c41af67220ffa47dbeb78 243284 zsh-dev_5.4.2-4_amd64.deb
 e45790b40c3a5dfec3f416c4584583689b663a116102bf322e5f671fdc45790c 2662460 zsh-doc_5.4.2-4_all.deb
 27f268dc10a210f47eb733381a557a1caa08e85395f92123e0bb0e7009d264b0 1563752 zsh-static-dbgsym_5.4.2-4_amd64.deb
 056adad0f23484292cc0e810483530fa943db96d48fee31f1105cc448279187a 1089264 zsh-static_5.4.2-4_amd64.deb
 28abb58c532e1a3f7a23fc71f5e7dcf581be88c2eaab58da491f5aaed543eed5 9762 zsh_5.4.2-4_amd64.buildinfo
 46001fdcfbafbed6a63fc0a0ed0d6b3fd844382561cb9eb0b47f92ed210f3d4c 844744 zsh_5.4.2-4_amd64.deb
Files:
 2d68ba263aab7c73930d077b093022ad 2475 shells optional zsh_5.4.2-4.dsc
 600cf476c63c51bd08ca44db760df68e 77020 shells optional zsh_5.4.2-4.debian.tar.xz
 94b525ce2bc8b292787f7014a49e6c35 3529684 shells optional zsh-common_5.4.2-4_all.deb
 b6ad5dd5d775393283a095ffcc8dde1d 2156544 debug optional zsh-dbgsym_5.4.2-4_amd64.deb
 51e3c380bbec89d8d3c9a7470ccb8cd4 243284 libdevel optional zsh-dev_5.4.2-4_amd64.deb
 36eddd8bbcc4036f5b222712214b0e41 2662460 doc optional zsh-doc_5.4.2-4_all.deb
 a8730337f6b6cbc1a8e13a494ae7e90c 1563752 debug optional zsh-static-dbgsym_5.4.2-4_amd64.deb
 2d43f3477fbdafce671f28368f842471 1089264 shells optional zsh-static_5.4.2-4_amd64.deb
 42e2e18b31ab38c194fcfc0e0ffeafd3 9762 shells optional zsh_5.4.2-4_amd64.buildinfo
 fbf13c15f6d25d7db77272748e193c77 844744 shells optional zsh_5.4.2-4_amd64.deb





Bug archived. Request was from Debbugs Internal Request <owner@bugs.debian.org> to internal_control@bugs.debian.org. (Sun, 06 May 2018 07:27:40 GMT)
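Added illustration of the bug class behind both changelog entries above: the report describes a stack-based buffer overflow in exec.c:hashcmd(), and the 5.4.2-4 changelog records the fixes as "Check bounds when copying path in hashcmd()" (CVE-2018-1071) and "Check bounds on PATH_MAX-sized buffer used for file completion candidates" (CVE-2018-1083). The code below is not zsh's code and not taken from the upstream commit; it models only the pattern those entries describe: a PATH entry, a "/" and a command name assembled into a fixed-size buffer, first with the directory copied before any length check, then with every copy bounded. The function names, the BUF_MAX stand-in for PATH_MAX (kept small so the overlong input stays short), and the constructed 40-byte PATH entry are assumptions of the example. The harness places the buffer at the start of a larger array with a canary tail, so the overrun is observable while every write stays inside one object.

```c
/*
 * Illustrative model of the CVE-2018-1071 / CVE-2018-1083 bug class:
 * dir + "/" + cmd copied into a fixed PATH_MAX-sized buffer without
 * checking that the directory entry itself fits. NOT zsh's code.
 * Build: cc -std=c99 -Wall example.c && ./a.out
 */
#include <stdio.h>
#include <string.h>

#define BUF_MAX 32          /* stand-in for PATH_MAX, small for the demo (assumption) */
#define CANARY_LEN 16
#define CANARY_BYTE 0xA5

enum { JOIN_OK = 0, JOIN_TOO_LONG = -1 };

/* Constructed input: a 40-byte PATH entry, longer than the whole buffer. */
static const char LONG_DIR[] =
    "aaaaaaaaaa" "aaaaaaaaaa" "aaaaaaaaaa" "aaaaaaaaaa";

/*
 * Unchecked pattern: the directory is copied before any length check, so
 * an entry of BUF_MAX bytes or more overruns buf. The later check on the
 * command name cannot undo bytes that were already written.
 */
static void join_unchecked(char *buf, const char *dir, const char *cmd)
{
    char *s = buf;
    strcpy(s, dir);                         /* unbounded copy of dir */
    s += strlen(dir);
    *s++ = '/';
    if ((size_t)(s - buf) + strlen(cmd) >= BUF_MAX)
        return;                             /* too late: dir already written */
    strcpy(s, cmd);
}

/*
 * Bounded pattern: measure first, write only if dir + '/' + cmd + NUL
 * fits in bufsz, otherwise skip this entry so the caller can move on to
 * the next PATH element. Nothing is written on the failure path.
 */
static int join_checked(char *buf, size_t bufsz, const char *dir, const char *cmd)
{
    size_t dlen = strlen(dir), clen = strlen(cmd);
    if (dlen >= bufsz || clen >= bufsz || dlen + 1 + clen + 1 > bufsz)
        return JOIN_TOO_LONG;
    memcpy(buf, dir, dlen);
    buf[dlen] = '/';
    memcpy(buf + dlen + 1, cmd, clen + 1);  /* copies the terminating NUL too */
    return JOIN_OK;
}

/* Count canary bytes after the logical buffer that no longer hold CANARY_BYTE. */
static int count_clobbered(const unsigned char *backing)
{
    int n = 0;
    for (int i = 0; i < CANARY_LEN; i++)
        if (backing[BUF_MAX + i] != CANARY_BYTE)
            n++;
    return n;
}

/* Run the unchecked join into a BUF_MAX buffer guarded by a canary; 0 = no overrun. */
int canary_clobbered_unchecked(const char *dir, const char *cmd)
{
    unsigned char backing[BUF_MAX + CANARY_LEN];
    memset(backing, CANARY_BYTE, sizeof backing);
    join_unchecked((char *)backing, dir, cmd);
    return count_clobbered(backing);
}

/* Same harness for the bounded join; the canary must always survive. */
int canary_clobbered_checked(const char *dir, const char *cmd)
{
    unsigned char backing[BUF_MAX + CANARY_LEN];
    memset(backing, CANARY_BYTE, sizeof backing);
    (void)join_checked((char *)backing, BUF_MAX, dir, cmd);
    return count_clobbered(backing);
}

/* 1 if the bounded join succeeds and yields exactly `expected`, else 0. */
int checked_join_equals(const char *dir, const char *cmd, const char *expected)
{
    char buf[BUF_MAX];
    return join_checked(buf, sizeof buf, dir, cmd) == JOIN_OK
        && strcmp(buf, expected) == 0;
}

int main(void)
{
    printf("unchecked, long entry: %d canary bytes clobbered\n",
           canary_clobbered_unchecked(LONG_DIR, "zsh"));
    printf("checked,   long entry: %d canary bytes clobbered\n",
           canary_clobbered_checked(LONG_DIR, "zsh"));
    printf("checked,   /usr/bin:   %s\n",
           checked_join_equals("/usr/bin", "zsh", "/usr/bin/zsh") ? "ok" : "FAIL");
    return 0;
}
```

The point of the bounded form is that the length test happens before any byte is written, and it covers the directory component, not just the command name appended afterwards; an attacker who controls PATH (or, for the completion case, a long directory name) then gets a skipped entry instead of a smashed stack.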




Debian bug tracking system administrator <owner@bugs.debian.org>. Last modified: Wed Jun 19 16:51:01 2019; Machine Name: beach
