[El-errata] ELSA-2018-1932 Moderate: Oracle Linux 6 zsh security update
Errata Announcements for Oracle Linux
el-errata at oss.oracle.com
Tue Jun 26 13:21:16 PDT 2018
Oracle Linux Security Advisory ELSA-2018-1932
http://linux.oracle.com/errata/ELSA-2018-1932.html
The following updated rpms for Oracle Linux 6 have been uploaded to the
Unbreakable Linux Network:
i386:
zsh-4.3.11-8.el6.i686.rpm
zsh-html-4.3.11-8.el6.i686.rpm
x86_64:
zsh-4.3.11-8.el6.x86_64.rpm
zsh-html-4.3.11-8.el6.x86_64.rpm
SRPMS:
http://oss.oracle.com/ol6/SRPMS-updates/zsh-4.3.11-8.el6.src.rpm
Description of changes:
[4.3.11-8]
- fix defects detected by Coverity related to CVE-2017-18206 and
CVE-2018-1083
[4.3.11-7]
- fix stack-based buffer overflow in utils.c:checkmailpath() (CVE-2018-1100)
- fix stack-based buffer overflow in gen_matches_files() (CVE-2018-1083)
- fix buffer overrun in xsymlinks (CVE-2017-18206)
- fix buffer overflow when scanning very long path for symlinks
(CVE-2014-10072)
[4.3.11-6]
- signal-handling related fixes collected from upstream (#1311166)
[4.3.11-5]
- fix malloc() signal leak in lexsave() (#1267903)
More information about the El-errata
mailing list