[Git][security-tracker-team/security-tracker][master] Add two new CVEs for zsh
Salvatore Bonaccorso
carnil at debian.org
Mon Sep 3 20:04:00 BST 2018
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
398b3737 by Salvatore Bonaccorso at 2018-09-03T19:03:19Z
Add two new CVEs for zsh
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -7406,8 +7406,10 @@ CVE-2018-13261
RESERVED
CVE-2018-13260
RESERVED
-CVE-2018-13259
+CVE-2018-13259 [zsh shebang line expansion (#alphabetagamma)]
RESERVED
+ - zsh 5.6-1
+ NOTE: https://sourceforge.net/p/zsh/code/ci/1c4c7b6a4d17294df028322b70c53803a402233d
CVE-2018-13258
RESERVED
CVE-2018-13257
@@ -43833,8 +43835,10 @@ CVE-2018-0504
RESERVED
CVE-2018-0503
RESERVED
-CVE-2018-0502
+CVE-2018-0502 [zsh shebang line expansion (#!foo\nbar)]
RESERVED
+ - zsh 5.6-1
+ NOTE: https://sourceforge.net/p/zsh/code/ci/1c4c7b6a4d17294df028322b70c53803a402233d
CVE-2018-0501 (The mirror:// method implementation in Advanced Package Tool (APT) ...)
- apt 1.6.4
[stretch] - apt <not-affected> (Vulnerable code introduced in 1.6~alpha6)
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/398b3737b9994f1bf0aa52ce65f21bb5c943c5c4
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/398b3737b9994f1bf0aa52ce65f21bb5c943c5c4
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20180903/51cdd03d/attachment-0001.html>
More information about the debian-security-tracker-commits
mailing list