Security update for zsh SUSE Patch security@suse.de SUSE Security Team SUSE-SU-2022:0161-1 Final 1 1 2022-01-24T10:48:03Z current 2022-01-24T10:48:03Z 2022-01-24T10:48:03Z cve-database/bin/generate-cvrf.pl 2017-02-24T01:00:00Z Security update for zsh This update for zsh fixes the following issues: - CVE-2018-0502: Fixed execve call vulnerability to program named on the second line when the beginning of a #! script file was mishandled. (bsc#1107296, bsc#1107294) - CVE-2018-13259: Fixed execve call vulnerability to program name that is a substring of the intended one. (bsc#1107296, bsc#1107294) The CVRF data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0). HPE-Helion-OpenStack-8-2022-161,Image SLES12-SP4-Azure-BYOS-2022-161,Image SLES12-SP4-EC2-HVM-BYOS-2022-161,Image SLES12-SP4-GCE-BYOS-2022-161,Image SLES12-SP4-SAP-Azure-2022-161,Image SLES12-SP4-SAP-Azure-BYOS-2022-161,Image SLES12-SP4-SAP-Azure-LI-BYOS-Production-2022-161,Image SLES12-SP4-SAP-Azure-VLI-BYOS-Production-2022-161,Image SLES12-SP4-SAP-EC2-HVM-2022-161,Image SLES12-SP4-SAP-EC2-HVM-BYOS-2022-161,Image SLES12-SP4-SAP-GCE-2022-161,Image SLES12-SP4-SAP-GCE-BYOS-2022-161,Image SLES12-SP5-Azure-BYOS-2022-161,Image SLES12-SP5-Azure-Basic-On-Demand-2022-161,Image SLES12-SP5-Azure-HPC-BYOS-2022-161,Image SLES12-SP5-Azure-HPC-On-Demand-2022-161,Image SLES12-SP5-Azure-SAP-BYOS-2022-161,Image SLES12-SP5-Azure-SAP-On-Demand-2022-161,Image SLES12-SP5-Azure-Standard-On-Demand-2022-161,Image SLES12-SP5-EC2-BYOS-2022-161,Image SLES12-SP5-EC2-On-Demand-2022-161,Image SLES12-SP5-EC2-SAP-BYOS-2022-161,Image SLES12-SP5-EC2-SAP-On-Demand-2022-161,Image SLES12-SP5-GCE-BYOS-2022-161,Image SLES12-SP5-GCE-On-Demand-2022-161,Image SLES12-SP5-GCE-SAP-BYOS-2022-161,Image SLES12-SP5-GCE-SAP-On-Demand-2022-161,Image SLES12-SP5-SAP-Azure-LI-BYOS-Production-2022-161,Image SLES12-SP5-SAP-Azure-VLI-BYOS-Production-2022-161,SUSE-2022-161,SUSE-OpenStack-Cloud-8-2022-161,SUSE-OpenStack-Cloud-9-2022-161,SUSE-OpenStack-Cloud-Crowbar-8-2022-161,SUSE-OpenStack-Cloud-Crowbar-9-2022-161,SUSE-SLE-SAP-12-SP3-2022-161,SUSE-SLE-SAP-12-SP4-2022-161,SUSE-SLE-SERVER-12-SP2-BCL-2022-161,SUSE-SLE-SERVER-12-SP3-2022-161,SUSE-SLE-SERVER-12-SP3-BCL-2022-161,SUSE-SLE-SERVER-12-SP4-LTSS-2022-161,SUSE-SLE-SERVER-12-SP5-2022-161 Copyright SUSE LLC under the Creative Commons License 4.0 with Attribution (CC-BY-4.0) https://www.suse.com/support/update/announcement/2022/suse-su-20220161-1/ Link for SUSE-SU-2022:0161-1 https://lists.suse.com/pipermail/sle-security-updates/2022-January/010048.html E-Mail link for SUSE-SU-2022:0161-1 https://www.suse.com/support/security/rating/ SUSE Security Ratings https://bugzilla.suse.com/1107294 SUSE Bug 1107294 https://bugzilla.suse.com/1107296 SUSE Bug 1107296 https://www.suse.com/security/cve/CVE-2018-0502/ SUSE CVE CVE-2018-0502 page https://www.suse.com/security/cve/CVE-2018-13259/ SUSE CVE CVE-2018-13259 page HPE Helion OpenStack 8 Image SLES12-SP4-Azure-BYOS Image SLES12-SP4-EC2-HVM-BYOS Image SLES12-SP4-GCE-BYOS Image SLES12-SP4-SAP-Azure Image SLES12-SP4-SAP-Azure-BYOS Image SLES12-SP4-SAP-Azure-LI-BYOS-Production Image SLES12-SP4-SAP-Azure-VLI-BYOS-Production Image SLES12-SP4-SAP-EC2-HVM Image SLES12-SP4-SAP-EC2-HVM-BYOS Image SLES12-SP4-SAP-GCE Image SLES12-SP4-SAP-GCE-BYOS Image SLES12-SP5-Azure-BYOS Image SLES12-SP5-Azure-Basic-On-Demand Image SLES12-SP5-Azure-HPC-BYOS Image SLES12-SP5-Azure-HPC-On-Demand Image SLES12-SP5-Azure-SAP-BYOS Image SLES12-SP5-Azure-SAP-On-Demand Image SLES12-SP5-Azure-Standard-On-Demand Image SLES12-SP5-EC2-BYOS Image SLES12-SP5-EC2-On-Demand Image SLES12-SP5-EC2-SAP-BYOS Image SLES12-SP5-EC2-SAP-On-Demand Image SLES12-SP5-GCE-BYOS Image SLES12-SP5-GCE-On-Demand Image SLES12-SP5-GCE-SAP-BYOS Image SLES12-SP5-GCE-SAP-On-Demand Image SLES12-SP5-SAP-Azure-LI-BYOS-Production Image SLES12-SP5-SAP-Azure-VLI-BYOS-Production SUSE Linux Enterprise Server 12 SP2-BCL SUSE Linux Enterprise Server 12 SP3-BCL SUSE Linux Enterprise Server 12 SP3-LTSS SUSE Linux Enterprise Server 12 SP4-LTSS SUSE Linux Enterprise Server 12 SP5 SUSE Linux Enterprise Server for SAP Applications 12 SP3 SUSE Linux Enterprise Server for SAP Applications 12 SP4 SUSE Linux Enterprise Server for SAP Applications 12 SP5 SUSE OpenStack Cloud 8 SUSE OpenStack Cloud 9 SUSE OpenStack Cloud Crowbar 8 SUSE OpenStack Cloud Crowbar 9 zsh-5.0.5-6.12.2 zsh-htmldoc-5.0.5-6.12.2 zsh-5.0.5-6.12.2 as a component of HPE Helion OpenStack 8 zsh-5.0.5-6.12.2 as a component of Image SLES12-SP4-Azure-BYOS zsh-5.0.5-6.12.2 as a component of Image SLES12-SP4-EC2-HVM-BYOS zsh-5.0.5-6.12.2 as a component of Image SLES12-SP4-GCE-BYOS zsh-5.0.5-6.12.2 as a component of Image SLES12-SP4-SAP-Azure zsh-5.0.5-6.12.2 as a component of Image SLES12-SP4-SAP-Azure-BYOS zsh-5.0.5-6.12.2 as a component of Image SLES12-SP4-SAP-Azure-LI-BYOS-Production zsh-5.0.5-6.12.2 as a component of Image SLES12-SP4-SAP-Azure-VLI-BYOS-Production zsh-5.0.5-6.12.2 as a component of Image SLES12-SP4-SAP-EC2-HVM zsh-5.0.5-6.12.2 as a component of Image SLES12-SP4-SAP-EC2-HVM-BYOS zsh-5.0.5-6.12.2 as a component of Image SLES12-SP4-SAP-GCE zsh-5.0.5-6.12.2 as a component of Image SLES12-SP4-SAP-GCE-BYOS zsh-5.0.5-6.12.2 as a component of Image SLES12-SP5-Azure-BYOS zsh-5.0.5-6.12.2 as a component of Image SLES12-SP5-Azure-Basic-On-Demand zsh-5.0.5-6.12.2 as a component of Image SLES12-SP5-Azure-HPC-BYOS zsh-5.0.5-6.12.2 as a component of Image SLES12-SP5-Azure-HPC-On-Demand zsh-5.0.5-6.12.2 as a component of Image SLES12-SP5-Azure-SAP-BYOS zsh-5.0.5-6.12.2 as a component of Image SLES12-SP5-Azure-SAP-On-Demand zsh-5.0.5-6.12.2 as a component of Image SLES12-SP5-Azure-Standard-On-Demand zsh-5.0.5-6.12.2 as a component of Image SLES12-SP5-EC2-BYOS zsh-5.0.5-6.12.2 as a component of Image SLES12-SP5-EC2-On-Demand zsh-5.0.5-6.12.2 as a component of Image SLES12-SP5-EC2-SAP-BYOS zsh-5.0.5-6.12.2 as a component of Image SLES12-SP5-EC2-SAP-On-Demand zsh-5.0.5-6.12.2 as a component of Image SLES12-SP5-GCE-BYOS zsh-5.0.5-6.12.2 as a component of Image SLES12-SP5-GCE-On-Demand zsh-5.0.5-6.12.2 as a component of Image SLES12-SP5-GCE-SAP-BYOS zsh-5.0.5-6.12.2 as a component of Image SLES12-SP5-GCE-SAP-On-Demand zsh-5.0.5-6.12.2 as a component of Image SLES12-SP5-SAP-Azure-LI-BYOS-Production zsh-5.0.5-6.12.2 as a component of Image SLES12-SP5-SAP-Azure-VLI-BYOS-Production zsh-5.0.5-6.12.2 as a component of SUSE Linux Enterprise Server 12 SP2-BCL zsh-5.0.5-6.12.2 as a component of SUSE Linux Enterprise Server 12 SP3-BCL zsh-5.0.5-6.12.2 as a component of SUSE Linux Enterprise Server 12 SP3-LTSS zsh-5.0.5-6.12.2 as a component of SUSE Linux Enterprise Server 12 SP4-LTSS zsh-5.0.5-6.12.2 as a component of SUSE Linux Enterprise Server 12 SP5 zsh-5.0.5-6.12.2 as a component of SUSE Linux Enterprise Server for SAP Applications 12 SP3 zsh-5.0.5-6.12.2 as a component of SUSE Linux Enterprise Server for SAP Applications 12 SP4 zsh-5.0.5-6.12.2 as a component of SUSE Linux Enterprise Server for SAP Applications 12 SP5 zsh-5.0.5-6.12.2 as a component of SUSE OpenStack Cloud 8 zsh-5.0.5-6.12.2 as a component of SUSE OpenStack Cloud 9 zsh-5.0.5-6.12.2 as a component of SUSE OpenStack Cloud Crowbar 8 zsh-5.0.5-6.12.2 as a component of SUSE OpenStack Cloud Crowbar 9 An issue was discovered in zsh before 5.6. The beginning of a #! script file was mishandled, potentially leading to an execve call to a program named on the second line. CVE-2018-0502 HPE Helion OpenStack 8:zsh-5.0.5-6.12.2 Image SLES12-SP4-Azure-BYOS:zsh-5.0.5-6.12.2 Image SLES12-SP4-EC2-HVM-BYOS:zsh-5.0.5-6.12.2 Image SLES12-SP4-GCE-BYOS:zsh-5.0.5-6.12.2 Image SLES12-SP4-SAP-Azure-BYOS:zsh-5.0.5-6.12.2 Image SLES12-SP4-SAP-Azure-LI-BYOS-Production:zsh-5.0.5-6.12.2 Image SLES12-SP4-SAP-Azure-VLI-BYOS-Production:zsh-5.0.5-6.12.2 Image SLES12-SP4-SAP-Azure:zsh-5.0.5-6.12.2 Image SLES12-SP4-SAP-EC2-HVM-BYOS:zsh-5.0.5-6.12.2 Image SLES12-SP4-SAP-EC2-HVM:zsh-5.0.5-6.12.2 Image SLES12-SP4-SAP-GCE-BYOS:zsh-5.0.5-6.12.2 Image SLES12-SP4-SAP-GCE:zsh-5.0.5-6.12.2 Image SLES12-SP5-Azure-BYOS:zsh-5.0.5-6.12.2 Image SLES12-SP5-Azure-Basic-On-Demand:zsh-5.0.5-6.12.2 Image SLES12-SP5-Azure-HPC-BYOS:zsh-5.0.5-6.12.2 Image SLES12-SP5-Azure-HPC-On-Demand:zsh-5.0.5-6.12.2 Image SLES12-SP5-Azure-SAP-BYOS:zsh-5.0.5-6.12.2 Image SLES12-SP5-Azure-SAP-On-Demand:zsh-5.0.5-6.12.2 Image SLES12-SP5-Azure-Standard-On-Demand:zsh-5.0.5-6.12.2 Image SLES12-SP5-EC2-BYOS:zsh-5.0.5-6.12.2 Image SLES12-SP5-EC2-On-Demand:zsh-5.0.5-6.12.2 Image SLES12-SP5-EC2-SAP-BYOS:zsh-5.0.5-6.12.2 Image SLES12-SP5-EC2-SAP-On-Demand:zsh-5.0.5-6.12.2 Image SLES12-SP5-GCE-BYOS:zsh-5.0.5-6.12.2 Image SLES12-SP5-GCE-On-Demand:zsh-5.0.5-6.12.2 Image SLES12-SP5-GCE-SAP-BYOS:zsh-5.0.5-6.12.2 Image SLES12-SP5-GCE-SAP-On-Demand:zsh-5.0.5-6.12.2 Image SLES12-SP5-SAP-Azure-LI-BYOS-Production:zsh-5.0.5-6.12.2 Image SLES12-SP5-SAP-Azure-VLI-BYOS-Production:zsh-5.0.5-6.12.2 SUSE Linux Enterprise Server 12 SP2-BCL:zsh-5.0.5-6.12.2 SUSE Linux Enterprise Server 12 SP3-BCL:zsh-5.0.5-6.12.2 SUSE Linux Enterprise Server 12 SP3-LTSS:zsh-5.0.5-6.12.2 SUSE Linux Enterprise Server 12 SP4-LTSS:zsh-5.0.5-6.12.2 SUSE Linux Enterprise Server 12 SP5:zsh-5.0.5-6.12.2 SUSE Linux Enterprise Server for SAP Applications 12 SP3:zsh-5.0.5-6.12.2 SUSE Linux Enterprise Server for SAP Applications 12 SP4:zsh-5.0.5-6.12.2 SUSE Linux Enterprise Server for SAP Applications 12 SP5:zsh-5.0.5-6.12.2 SUSE OpenStack Cloud 8:zsh-5.0.5-6.12.2 SUSE OpenStack Cloud 9:zsh-5.0.5-6.12.2 SUSE OpenStack Cloud Crowbar 8:zsh-5.0.5-6.12.2 SUSE OpenStack Cloud Crowbar 9:zsh-5.0.5-6.12.2 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/support/update/announcement/2022/suse-su-20220161-1/ https://www.suse.com/security/cve/CVE-2018-0502.html CVE-2018-0502 https://bugzilla.suse.com/1107296 SUSE Bug 1107296 https://bugzilla.suse.com/1194009 SUSE Bug 1194009 https://bugzilla.suse.com/1194012 SUSE Bug 1194012 https://bugzilla.suse.com/1200039 SUSE Bug 1200039 https://bugzilla.suse.com/1200209 SUSE Bug 1200209 An issue was discovered in zsh before 5.6. Shebang lines exceeding 64 characters were truncated, potentially leading to an execve call to a program name that is a substring of the intended one. CVE-2018-13259 HPE Helion OpenStack 8:zsh-5.0.5-6.12.2 Image SLES12-SP4-Azure-BYOS:zsh-5.0.5-6.12.2 Image SLES12-SP4-EC2-HVM-BYOS:zsh-5.0.5-6.12.2 Image SLES12-SP4-GCE-BYOS:zsh-5.0.5-6.12.2 Image SLES12-SP4-SAP-Azure-BYOS:zsh-5.0.5-6.12.2 Image SLES12-SP4-SAP-Azure-LI-BYOS-Production:zsh-5.0.5-6.12.2 Image SLES12-SP4-SAP-Azure-VLI-BYOS-Production:zsh-5.0.5-6.12.2 Image SLES12-SP4-SAP-Azure:zsh-5.0.5-6.12.2 Image SLES12-SP4-SAP-EC2-HVM-BYOS:zsh-5.0.5-6.12.2 Image SLES12-SP4-SAP-EC2-HVM:zsh-5.0.5-6.12.2 Image SLES12-SP4-SAP-GCE-BYOS:zsh-5.0.5-6.12.2 Image SLES12-SP4-SAP-GCE:zsh-5.0.5-6.12.2 Image SLES12-SP5-Azure-BYOS:zsh-5.0.5-6.12.2 Image SLES12-SP5-Azure-Basic-On-Demand:zsh-5.0.5-6.12.2 Image SLES12-SP5-Azure-HPC-BYOS:zsh-5.0.5-6.12.2 Image SLES12-SP5-Azure-HPC-On-Demand:zsh-5.0.5-6.12.2 Image SLES12-SP5-Azure-SAP-BYOS:zsh-5.0.5-6.12.2 Image SLES12-SP5-Azure-SAP-On-Demand:zsh-5.0.5-6.12.2 Image SLES12-SP5-Azure-Standard-On-Demand:zsh-5.0.5-6.12.2 Image SLES12-SP5-EC2-BYOS:zsh-5.0.5-6.12.2 Image SLES12-SP5-EC2-On-Demand:zsh-5.0.5-6.12.2 Image SLES12-SP5-EC2-SAP-BYOS:zsh-5.0.5-6.12.2 Image SLES12-SP5-EC2-SAP-On-Demand:zsh-5.0.5-6.12.2 Image SLES12-SP5-GCE-BYOS:zsh-5.0.5-6.12.2 Image SLES12-SP5-GCE-On-Demand:zsh-5.0.5-6.12.2 Image SLES12-SP5-GCE-SAP-BYOS:zsh-5.0.5-6.12.2 Image SLES12-SP5-GCE-SAP-On-Demand:zsh-5.0.5-6.12.2 Image SLES12-SP5-SAP-Azure-LI-BYOS-Production:zsh-5.0.5-6.12.2 Image SLES12-SP5-SAP-Azure-VLI-BYOS-Production:zsh-5.0.5-6.12.2 SUSE Linux Enterprise Server 12 SP2-BCL:zsh-5.0.5-6.12.2 SUSE Linux Enterprise Server 12 SP3-BCL:zsh-5.0.5-6.12.2 SUSE Linux Enterprise Server 12 SP3-LTSS:zsh-5.0.5-6.12.2 SUSE Linux Enterprise Server 12 SP4-LTSS:zsh-5.0.5-6.12.2 SUSE Linux Enterprise Server 12 SP5:zsh-5.0.5-6.12.2 SUSE Linux Enterprise Server for SAP Applications 12 SP3:zsh-5.0.5-6.12.2 SUSE Linux Enterprise Server for SAP Applications 12 SP4:zsh-5.0.5-6.12.2 SUSE Linux Enterprise Server for SAP Applications 12 SP5:zsh-5.0.5-6.12.2 SUSE OpenStack Cloud 8:zsh-5.0.5-6.12.2 SUSE OpenStack Cloud 9:zsh-5.0.5-6.12.2 SUSE OpenStack Cloud Crowbar 8:zsh-5.0.5-6.12.2 SUSE OpenStack Cloud Crowbar 9:zsh-5.0.5-6.12.2 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/support/update/announcement/2022/suse-su-20220161-1/ https://www.suse.com/security/cve/CVE-2018-13259.html CVE-2018-13259 https://bugzilla.suse.com/1107294 SUSE Bug 1107294 https://bugzilla.suse.com/1194009 SUSE Bug 1194009 https://bugzilla.suse.com/1194012 SUSE Bug 1194012 https://bugzilla.suse.com/1200039 SUSE Bug 1200039 https://bugzilla.suse.com/1200209 SUSE Bug 1200209