| Summary: | zsh new security issues CVE-2018-1071, CVE-2018-1083, and CVE-2018-1100 | ||
|---|---|---|---|
| Product: | Mageia | Reporter: | David Walser <luigiwalser> |
| Component: | Security | Assignee: | QA Team <qa-bugs> |
| Status: | RESOLVED FIXED | QA Contact: | Sec team <security> |
| Severity: | major | ||
| Priority: | Normal | CC: | marja11, shlomif, sysadmin-bugs, tarazed25 |
| Version: | 6 | Keywords: | advisory, validated_update |
| Target Milestone: | --- | ||
| Hardware: | All | ||
| OS: | Linux | ||
| Whiteboard: | MGA6-64-OK | ||
| Source RPM: | zsh-5.3.1-1.2.mga6.src.rpm | CVE: | |
| Status comment: | |||
|
Description
David Walser
2018-03-31 21:38:52 CEST
David Walser
2018-03-31 21:38:59 CEST
Whiteboard:
(none) =>
MGA6TOO Assigning to the registered maintainer. Assignee:
bugsquad =>
shlomif Already fixed in mga7 by the 5.5 version (according to the ChangeLog.) Version:
Cauldron =>
6 Can I upgrade the mga6 package to zsh 5.5 too? I'm not familiar enough with it to say, but as long as there aren't any incompatible changes, it should be fine. Updated version also submitted by Shlomi to fix this for Mageia 6. Advisory: ======================== Updated zsh packages fix security vulnerabilities: Richard Maciel Costa discovered that Zsh incorrectly handled certain inputs. An attacker could possibly use this to cause a denial of service (CVE-2018-1071). It was discovered that Zsh incorrectly handled certain files. An attacker could possibly use this to execute arbitrary code (CVE-2018-1083). References: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1071 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1083 https://usn.ubuntu.com/3608-1/ ======================== Updated packages in core/updates_testing: ======================== zsh-5.5-1.1.mga6 zsh-doc-5.5-1.1.mga6 from zsh-5.5-1.1.mga6.src.rpm Assignee:
shlomif =>
qa-bugs Mageia 6, x86_64 Installed zsh then updated it. Changed user shell to /bin/zsh $ sudo chsh lcl then logged out and in. $ echo $SHELL /bin/zsh Open terminal windows all displayed the initial configuration dialogue to create a .zshrc file. Executed the configuration in one xterm and used quit in two others. $ cat .zshrc # Lines configured by zsh-newuser-install HISTFILE=~/.histfile HISTSIZE=1000 SAVEHIST=1000 setopt autocd bindkey -e # End of lines configured by zsh-newuser-install # The following lines were added by compinstall zstyle :compinstall filename '/home/lcl/.zshrc' autoload -Uz compinit compinit # End of lines added by compinstall All the normal terminal commands/keys seemed to work just as in bash. Tried history, !1, cut&paste into an editor, cd, ll .... My keyboard command mappings for emacs worked as before. Tab for file completion worked; and also for command completion. Another login cycle to make sure everything was still running properly. None of the six xterms showed the configuration dialogue any more. In the absence of any obvious PoC this is about all we can do for this bug. Giving it the OK. CC:
(none) =>
tarazed25
Len Lawrence
2018-04-17 23:57:43 CEST
Keywords:
(none) =>
validated_update
Lewis Smith
2018-04-20 08:56:34 CEST
Keywords:
(none) =>
advisory An update for this issue has been pushed to the Mageia Updates repository. https://advisories.mageia.org/MGASA-2018-0206.html Status:
ASSIGNED =>
RESOLVED Fedora has issued an advisory for this on April 17: https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/thread/YXTE6OF43VIKZO66REB25GZTGRUG2Z24/ This update also fixed CVE-2018-1100. Summary:
zsh new security issues CVE-2018-1071 and CVE-2018-1083 =>
zsh new security issues CVE-2018-1071, CVE-2018-1083, and CVE-2018-1100 |