Zsh Mailing List Archive
Messages sorted by: Reverse Date, Date, Thread, Author

Re: zsh 5.0.7 released

On Oct 9,  6:41pm, shawn wilson wrote:
} > > > privilege escalation, under some specific and atypical conditions
} > > > where zsh is being invoked in privilege elevation contexts when the
} > > > environment has not been properly sanitized, such as when zsh is
} > > > invoked by sudo on systems where "env_reset" has been disabled.
} > >
} > > Was this security issue in SSH discussed on the list somewhere (I can't
} s/SSH/bash/

Did you mean zsh instead of bash?

} > > seem to find other mention of it outside the readme - not even direct
} > > mention in changelog or git log)...?
} And I was referring to the zsh readme, changelog, git log.

The paragraph about "privilege escalation" quoted above appears at the
top of the README file.

Change log entry is this:

2014-09-29  Peter Stephenson  <p.stephenson@xxxxxxxxxxx>

        * users/19183: Src/hist.c: handle unlikely error case with
        fdopen() better.

        * 33276: Src/params.c, Src/zsh.h: safer import of numerical
        variables from environment.

The git log is very brief and is the same as the 33276 ChangeLog.

} > I don't know of an ssh issue,  but the sudo issue was discussed offline.
} >
} > The original point about sanitising integer imports, however, was
} discussed
} > here.
} Huh, I'll look again.

The first mention of the integer import problem on the list is here:


Barton E. Schaefer

Messages sorted by: Reverse Date, Date, Thread, Author