Opened 6 years ago
Closed 6 years ago
#11100 closed enhancement (fixed)
zsh-5.6
| Reported by: | Bruce Dubbs | Owned by: | Bruce Dubbs |
|---|---|---|---|
| Priority: | normal | Milestone: | 8.4 |
| Component: | BOOK | Version: | SVN |
| Severity: | normal | Keywords: | |
| Cc: |
Description
New minor version.
Change History (3)
comment:1 by , 6 years ago
| Owner: | changed from to |
|---|---|
| Status: | new → assigned |
comment:2 by , 6 years ago
Note:
See TracTickets
for help on using tickets.
Changes from 5.5.1-test-2 to 5.6
CVE-2018-0502: Data from the second line of a #! script file might be passed to execve(). For example, in the following situation -
. printf '#!foo\nbar' > baz ./baz .the shell might take "bar" rather than "foo" for the argv[0] to be passed to execve().
CVE-2018-13259: A shebang line longer than 64 characters would be truncated. For example, in the following situation:
. ( printf '#!'; repeat 64 printf 'x'; printf 'y' ) > foo ./foo .the shell might execute x...x (64 repetitions) rather than x...xy (64 x's, one y).
Changes from 5.5.1 to 5.5.1-test-2
Non-stop IEEE 754 arithmetic support - Inf and NaN are now returned from floating point operations where errors were printed before. Inf and NaN are also recognized in arithmetic expressions.
In shell patterns, :blank: now honors the locale instead of matching exclusively on space and tab, like for the other POSIX character classes or for extended regular expressions.
Nanosecond precision on file times is supported in the module zsh/stat.