Zsh: Multiple vulnerabilities Multiple vulnerabilities have been found in Zsh, the worst of which could allow local attackers to execute arbitrary code. zsh 2018-05-26 2018-05-26 649614 651860 655708 local 5.5 5.5

A shell designed for interactive use, although it is also a powerful scripting language.

Multiple vulnerabilities have been discovered in Zsh. Please review the CVE identifiers referenced below for details.

A local attacker could execute arbitrary code, escalate privileges, or cause a Denial of Service condition.

There is no known workaround at this time.

All Zsh users should upgrade to the latest version:

# emerge --sync # emerge --ask --oneshot --verbose ">=app-shells/zsh-5.5" CVE-2017-18205 CVE-2017-18206 CVE-2018-1071 CVE-2018-1083 CVE-2018-1100 CVE-2018-7548 CVE-2018-7549 b-man b-man