CVE-2018-13259 An issue was discovered in zsh before 5.6. Shebang lines exceeding 64 characters were truncated, potentially leading to an execve call to a program name that is a substring of the intended one. CVE-2018-0502 An issue was discovered in zsh before 5.6. The beginning of a #! script file was mishandled, potentially leading to an execve call to a program named on the second line. Demetris Nakos -Gentoo Security Padawan-
@ Maintainer(s): Can we already start stabilization of =app-shells/zsh-5.6?
@arches, please stabilize.
amd64 stable
sparc stable
x86 stable
arm64 stable
ia64 stable
ppc stable
ppc64 stable
arm stable
alpha stable
hppa stable. all arches stable
D'uh... sorry guys. I completely forgot this being a security bug...
This issue was resolved and addressed in GLSA 201903-02 at https://security.gentoo.org/glsa/201903-02 by GLSA coordinator Aaron Bauman (b-man).