AVG-642

Package zsh
Status Fixed
Severity Medium
Type denial of service
Affected 5.4.2-2
Fixed 5.5-1
Current 5.6.2-1 [extra]
Ticket None
Created Wed Feb 28 05:46:51 2018
Issue Severity Remote Type Description
CVE-2018-7549 Medium No Denial of service
In params.c in zsh through 5.4.2, there is a crash during a copy of an empty hash table, as demonstrated by typeset -p.
CVE-2018-7548 Medium No Denial of service
In subst.c in zsh through 5.4.2, there is a NULL pointer dereference when using ${(PA)...} on an empty array result.
Date Advisory Package Description
19 Apr 2018 ASA-201804-7 zsh denial of service