Commit 683310d3, authored 3 years ago by CentOS Sources
import zsh-5.5.1-9.el8
Parent: 021e4f3c
Showing 2 changed files with 54 additions and 3 deletions:
SOURCES/0005-zsh-5.5.1-CVE-2021-45444.patch (45 additions, 0 deletions)
SPECS/zsh.spec (9 additions, 3 deletions)
SOURCES/0005-zsh-5.5.1-CVE-2021-45444.patch (0 → 100644, +45 −0)
From 9ce87af4ced4e21258e6003f1fb65b05ca5a7d14 Mon Sep 17 00:00:00 2001
From: Oliver Kiddle <opk@zsh.org>
Date: Wed, 15 Dec 2021 01:56:40 +0100
Subject: [PATCH] security/41: Don't perform PROMPT_SUBST evaluation on %F/%K
arguments
Mitigates CVE-2021-45444
Upstream-commit: c187154f47697cdbf822c2f9d714d570ed4a0fd1
Signed-off-by: Kamil Dudka <kdudka@redhat.com>
---
Src/prompt.c | 10 ++++++++++
1 file changed, 10 insertions(+)
diff --git a/Src/prompt.c b/Src/prompt.c
index 95da525..1368f8e 100644
--- a/Src/prompt.c
+++ b/Src/prompt.c
@@ -244,6 +244,12 @@
parsecolorchar(int arg, int is_fg)
bv->fm += 2; /* skip over F{ */
if ((ep = strchr(bv->fm, '}'))) {
char oc = *ep, *col, *coll;
+ int ops = opts[PROMPTSUBST], opb = opts[PROMPTBANG];
+ int opp = opts[PROMPTPERCENT];
+
+ opts[PROMPTPERCENT] = 1;
+ opts[PROMPTSUBST] = opts[PROMPTBANG] = 0;
+
*ep = '\0';
/* expand the contents of the argument so you can use
* %v for example */
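Review bot: the saved values and forced settings at the top of the `if ((ep = strchr(bv->fm, '}')))` block have no comment explaining why PROMPTPERCENT is switched on while PROMPTSUBST and PROMPTBANG are switched off. The existing comment just below only says the argument is expanded "so you can use %v for example". A line above `opts[PROMPTPERCENT] = 1;` stating that the colour argument is expanded with percent escapes only, so that text inside the braces never undergoes PROMPT_SUBST evaluation, would stop a later cleanup from removing the override as redundant.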
@@ -252,6 +258,10 @@
parsecolorchar(int arg, int is_fg)
arg = match_colour((const char **)&coll, is_fg, 0);
free(col);
bv->fm = ep;
+
+ opts[PROMPTSUBST] = ops;
+ opts[PROMPTBANG] = opb;
+ opts[PROMPTPERCENT] = opp;
} else {
arg = match_colour((const char **)&bv->fm, is_fg, 0);
if (*bv->fm != '}')
--
2.34.1
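Review bot: the restore placed after `bv->fm = ep;` is the only point where `ops`, `opb` and `opp` are written back, so `match_colour()` and `free(col)` also run with the shared `opts[]` entries altered, not just the expansion. Moving the three restore assignments to directly after the expansion call would narrow that window to the one call that needs it. It is also worth confirming that nothing between the save and this point can leave the block early, since that would leave the caller's PROMPTSUBST, PROMPTBANG and PROMPTPERCENT settings changed.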
SPECS/zsh.spec (+9 −3)
Summary: Powerful interactive shell
Name: zsh
Version: 5.5.1
Release:
6
%{?dist}
.2
Release:
9
%{?dist}
License: MIT
URL: http://zsh.sourceforge.net/
Source0: https://downloads.sourceforge.net/%{name}/%{name}-%{version}.tar.xz
...
...
@@ -24,6 +24,9 @@ Patch3: 0003-zsh-5.5.1-parse-error-exit-status.patch
# drop privileges securely when unsetting PRIVILEGED option (CVE-2019-20044)
Patch4: 0004-zsh-5.5.1-CVE-2019-20044.patch
# do not perform PROMPT_SUBST evaluation on %F/%K arguments (CVE-2021-45444)
Patch5: 0005-zsh-5.5.1-CVE-2021-45444.patch
BuildRequires: autoconf
BuildRequires: coreutils
BuildRequires: gawk
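Review bot: `Patch5:` is declared in this hunk, but none of the spec changes shown touch %prep, so whether the patch is actually applied depends on how %prep is written. If the spec applies patches through %autosetup or %autopatch nothing more is needed. If it lists patches individually, an entry for Patch5 is missing and the build would ship without the CVE-2021-45444 mitigation while the changelog claims it. Please confirm which case applies.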
...
...
@@ -179,10 +182,13 @@ fi
%doc Doc/*.html
%changelog
* Tue Mar 03 2020 Kamil Dudka <kdudka@redhat.com> - 5.5.1-6.el8_1.2
* Tue Feb 22 2022 Kamil Dudka <kdudka@redhat.com> - 5.5.1-9
- do not perform PROMPT_SUBST evaluation on %F/%K arguments (CVE-2021-45444)
* Tue Mar 03 2020 Kamil Dudka <kdudka@redhat.com> - 5.5.1-8
- improve printing of error messages introduced by the fix of CVE-2019-20044
* Mon Feb 24 2020 Kamil Dudka <kdudka@redhat.com> - 5.5.1-
6.el8_1.1
* Mon Feb 24 2020 Kamil Dudka <kdudka@redhat.com> - 5.5.1-
7
- drop privileges securely when unsetting PRIVILEGED option (CVE-2019-20044)
* Mon Dec 17 2018 Kamil Dudka <kdudka@redhat.com> - 5.5.1-6
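Review bot: besides prepending the 5.5.1-9 entry, the %changelog hunk renames two existing entries, 5.5.1-6.el8_1.2 to 5.5.1-8 and 5.5.1-6.el8_1.1 to 5.5.1-7, while keeping their dates. Anyone matching an installed 5.5.1-6.el8_1.x build against the changelog to confirm the CVE-2019-20044 fix will no longer find that release string. Keeping the original entries, or adding a line that records the renumbering, would preserve that audit trail.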
...
...