ZSH and lib32-openssl Updates for Arch Linux

Arch Linux 804 Published by

The following updates has been released for Arch Linux:

ASA-201804-5: zsh: arbitrary code execution
ASA-201804-6: lib32-openssl: private key recovery



ASA-201804-5: zsh: arbitrary code execution


Arch Linux Security Advisory ASA-201804-5
=========================================

Severity: High
Date : 2018-04-11
CVE-ID : CVE-2018-1100
Package : zsh
Type : arbitrary code execution
Remote : No
Link : https://security.archlinux.org/AVG-669

Summary
=======

The package zsh before version 5.5-1 is vulnerable to arbitrary code
execution.

Resolution
==========

Upgrade to 5.5-1.

# pacman -Syu "zsh>=5.5-1"

The problem has been fixed upstream in version 5.5.

Workaround
==========

None.

Description
===========

A stack-based buffer overflow has been found in zsh

Tiff Security Updates for Debian 7 LTS

Gbrainy 2.3.5 released

Windows

Linux

macOS

Community

  • dhamu
    Hello Phil, I have a Linux Tutorial website that curre ...
  • StephanX
    Hi friends, i am new in the Linux universe but i try to ...
  • Philipp
    I would try the XanMod kernel: https://xanmod.orgĀ  I ...