Release date:
2025-10-28 17:47:51 UTC
Description:
* SECURITY UPDATE: insecure privilege dropping vulnerability
- debian/patches/CVE-2019-20044-*.patch: improve error handling in
setopt command, add OpenSSH-based setresuid/setresgid wrappers,
simplify and secure privilege dropping logic, add comprehensive
tests for PRIVILEGED option
- CVE-2019-20044
Updated packages:
-
zsh_5.7.1-1+deb10u1+tuxcare.els1_amd64.deb
sha:bc7022c352b4dfeeaaab2f40872b2c6f57f2a381
-
zsh-common_5.7.1-1+deb10u1+tuxcare.els1_all.deb
sha:4f20c7a66dd2fde2f36fa38bc9adc03ede4533c6
-
zsh-dev_5.7.1-1+deb10u1+tuxcare.els1_amd64.deb
sha:27c6bffacec3093ff27abaece2a20c0e486c5bf3
-
zsh-doc_5.7.1-1+deb10u1+tuxcare.els1_all.deb
sha:128f0a8beeecacb229aca8c806a481754e2738b6
-
zsh-static_5.7.1-1+deb10u1+tuxcare.els1_amd64.deb
sha:d29d9b3c9968d3c0ac03c21af5c27851a9411f21
Notes:
This page is generated automatically and has not been checked for errors. For clarification or
corrections please contact the
CloudLinux Packaging Team.
