import zsh-5.5.1-6.el8_1.2

2020-03-19 06:45:43 -04:00 · 2020-03-19 06:45:43 -04:00 · 257263729d
commit 257263729d
parent ced9abba38
2 changed files with 1388 additions and 1 deletions
--- a/SOURCES/0004-zsh-5.5.1-CVE-2019-20044.patch
+++ b/SOURCES/0004-zsh-5.5.1-CVE-2019-20044.patch
--- a/SPECS/zsh.spec
+++ b/SPECS/zsh.spec
@ -1,7 +1,7 @@
 Summary: Powerful interactive shell
 Name: zsh
 Version: 5.5.1
-Release: 6%{?dist}
+Release: 6%{?dist}.2
 License: MIT
 URL: http://zsh.sourceforge.net/
 Source0: https://downloads.sourceforge.net/%{name}/%{name}-%{version}.tar.xz
@ -21,6 +21,9 @@ Patch2:  0002-zsh-5.5.1-static-analysis.patch
 # return non-zero exit status on nested parse error (#1654989)
 Patch3:  0003-zsh-5.5.1-parse-error-exit-status.patch

+# drop privileges securely when unsetting PRIVILEGED option (CVE-2019-20044)
+Patch4:  0004-zsh-5.5.1-CVE-2019-20044.patch
+
 BuildRequires: autoconf
 BuildRequires: coreutils
 BuildRequires: gawk
@ -176,6 +179,12 @@ fi
 %doc Doc/*.html

 %changelog
+* Tue Mar 03 2020 Kamil Dudka <kdudka@redhat.com> - 5.5.1-6.el8_1.2
+- improve printing of error messages introduced by the fix of CVE-2019-20044
+
+* Mon Feb 24 2020 Kamil Dudka <kdudka@redhat.com> - 5.5.1-6.el8_1.1
+- drop privileges securely when unsetting PRIVILEGED option (CVE-2019-20044)
+
 * Mon Dec 17 2018 Kamil Dudka <kdudka@redhat.com> - 5.5.1-6
 - return non-zero exit status on nested parse error (#1654989)