An issue was discovered in zsh before 5.6. Shebang lines exceeding 64 characters were truncated, potentially leading to an execve call to a program name that is a substring of the intended one.
An issue was discovered in zsh before 5.6. The beginning of a #! script file was mishandled, potentially leading to an execve call to a program named on the second line.
-Gentoo Security Padawan-
@ Maintainer(s): Can we already start stabilization of =app-shells/zsh-5.6?
@arches, please stabilize.
hppa stable. all arches stable
D'uh... sorry guys. I completely forgot this being a security bug...
This issue was resolved and addressed in
GLSA 201903-02 at https://security.gentoo.org/glsa/201903-02
by GLSA coordinator Aaron Bauman (b-man).