diff options
| author | Daniel Shahaf <danielsh@apache.org> | 2020-03-07 21:36:46 +0000 |
|---|---|---|
| committer | Daniel Shahaf <danielsh@apache.org> | 2020-03-07 21:36:46 +0000 |
| commit | 6fc8e8628f9c3da6e4b83c3de67e44376708cbcb (patch) | |
| tree | c711b1d53564bcca757799e1d734e24859c5f32e | |
| parent | 0d3d07c56f75064310271bf4469c5c9c13145d58 (diff) | |
| parent | dd50f125b5eb65896642d2ff664adefd33f1004c (diff) | |
| download | zsh-6fc8e8628f9c3da6e4b83c3de67e44376708cbcb.tar.gz zsh-6fc8e8628f9c3da6e4b83c3de67e44376708cbcb.tar.xz zsh-6fc8e8628f9c3da6e4b83c3de67e44376708cbcb.zip | |
Merge remote-tracking branch 'origin/master' into 5.9
* Test/D02glob.ztst:
On the "unreadable directories can be globbed (users/24619, users/24626)"
test, resolve conflicts by removing the Cygwin-only skip that has been added
in master, since the test is passing on this branch. This effectively reverts
workers/45492. See discussion starting in workers/45504.
* origin/master:
unposted: Remove 'sgi', as that OpenBSD port has been discontinued.
45509: fix typos in B01cd.ztst
45490 (+45495 and a test): refactor rlimits.c
github #49: Fix typo: longson should be loongson
users/24710: Fix job control problem with sudo.
45492: skip test added by users/24633 on Cygwin
45488: COMP_WORDS for bash need "$@"-style quoting
45487: Missing mod_export declarations for AIX
45447: Complete vcs_info_hookadd and vcs_info_hookdel. Expose _vcs_info_hooks as a top-level helper function.
45463: test: kill: Document why we use SIGURG
45453: builtins: kill: Do not signal current process group when pid is empty
45452: builtins: kill: Add `kill ''` regression test with explicit sigspec
45451: builtins: kill: Add basic test suite
github #48/0002: vcs_info git: properly detect bare repositories
github #48/0001: vcs_info git: avoid warnings in bare repositories
unposted: Post-release version bump
unposted: Release 5.8
CVE-2019-20044: Update change log for preceding commits
Update NEWS/README
Add unsetopt/PRIVILEGED tests
Clean up error-message white space
Improve PRIVILEGED fixes (again)
Improve PRIVILEGED fixes
Drop privileges securely
unposted: V01zmodload: Fix failing test from workers/45385
45423: _su: Improve arg handling, shell look-ups
unposted: _zip: Recognise '--'
45385: Add a test for 'zmodload -Fa' preemptively disabling ("blacklisting"?) features.
unposted: Test release: 5.7.1-test-3
zsh/system: Fix infinite loop in sysread
_diff_options: Restore -w completion lost in workers/43351
unposted: Fix ChangeLog typo.
45368: Add tests for workers/45367's issue about double slashes in 'cd -P' and /home/daniel/in/zsh.
45373: Fix ERR_EXIT bug in else branch of if.
45372: Record a symlink loop bug involving :P
45365: _git: Fix __git_recent_branches for the case when a commit has an empty message
45343: Queue signals around arithmetic evaluations
45344: Document where third-party completion functions should be installed.
45345: internal: ztst.vim: Fix highlighting of zsh comments in test payload
unposted: internal: Add some comments and fix indentation. No functional change.
45340: internal: Document the difference between paramtab and realparamtab.
45332: _git: add completion for git-version
_brace_parameter: add missing \
Conflicts:
ChangeLog
Test/D02glob.ztst
Test/V01zmodload.ztst
50 files changed, 1287 insertions, 675 deletions
diff --git a/.gitignore b/.gitignore index e46f8517e..ec2f56642 100644 --- a/.gitignore +++ b/.gitignore @@ -123,7 +123,6 @@ Src/Builtins/*.mdh Src/Builtins/*.mdhi Src/Builtins/*.mdhs Src/Builtins/*.mdh.tmp -Src/Builtins/rlimits.h Src/Modules/Makefile.in Src/Modules/*.export @@ -57,6 +57,169 @@ * 45131: Src/exec.c, Test/E02xtrace.ztst: Make a function that redefines itself preserve its tracedness. +2020-03-06 Daniel Shahaf <danielsh@apache.org> + + * unposted: Completion/BSD/Type/_obsd_architectures: Remove + 'sgi', as that OpenBSD port has been discontinued. + +2020-03-06 Jun-ichi Takimoto <takimoto-j@kba.biglobe.ne.jp> + + * 45509: Test/B01cd.ztst: Fix typos. + + * 45490 (+45495 and a test): .gitignore, + Src/Builtins/rlimits.awk, Src/Builtins/rlimits.c, + Src/Builtins/rlimits.mdd, Test/B12limit.ztst, configure.ac: + Refactor rlimits.c. + +2020-03-05 Bryan Irvine <sparctacus@gmail.com> + + * github #49: Completion/BSD/Type/_obsd_architectures: Fix typo: + longson should be loongson + +2020-02-27 Peter Stephenson <p.w.stephenson@ntlworld.com> + + * users/24710: Src/exec.c, Src/jobs.c, Src/signals.c: when using + kill or killpg to test for continued existince of a process + group, check errono is ESRCH on failure as EPERM indicates + processes exist but under a different UID. + +2020-02-27 Jun-ichi Takimoto <takimoto-j@kba.biglobe.ne.jp> + + * 45492: Test/D02glob.ztst: skip test added by users/24633 + on Cygwin. + +2020-02-25 Peter Stephenson <p.stephenson@samsung.com> + + * 45488: Marc Cornella: Completion/bashcompinit: Need "$@" + quoting for empty words in COMP_WORDS for bash completion. + +2020-02-24 Peter Stephenson <p.stephenson@samsung.com> + + * 45487: Src/Zle/zle_keymap.c, Src/Zle/zle_main.c, + Src/Zle/zle_move.c, Src/builtin.c, Src/compat.c, Src/utils.c: + Add missing mod_export for AIX compilation. + +2020-02-19 Daniel Shahaf <danielsh@apache.org> + + * 45447: Completion/Zsh/Command/_zstyle, + Completion/Zsh/Function/_vcs_info, + Completion/Zsh/Type/_vcs_info_hooks: Complete vcs_info_hookadd + and vcs_info_hookdel. Expose _vcs_info_hooks as a top-level + helper function. + +2020-02-18 Chris Down <chris@chrisdown.name> + + * 45463: Test/B11kill.ztst: test: kill: Document why we use + SIGURG + + * 45453: Src/jobs.c, Test/B11kill.ztst: builtins: kill: Do not + signal current process group when pid is empty + + * 45452: Test/B11kill.ztst: builtins: kill: Add `kill ''` + regression test with explicit sigspec + + * 45451: Test/B11kill.ztst: builtins: kill: Add basic test suite + +2020-02-17 brian m. carlson <sandals@crustytoothpaste.net> + + * github #48/0002: + Functions/VCS_Info/Backends/VCS_INFO_get_data_git: vcs_info git: + properly detect bare repositories + + * github #48/0001: + Functions/VCS_Info/Backends/VCS_INFO_get_data_git: vcs_info git: + avoid warnings in bare repositories + +2020-02-14 dana <dana@dana.is> + + * unposted: Config/version.mk: Post-release version bump + + * unposted: Config/version.mk: Update for 5.8 + + * Sam Foxman, Daniel Shahaf, dana: CVE-2019-20044: NEWS, + README, Src/openssh_bsd_setres_id.c, Src/options.c, Src/zsh.mdd, + Src/zsh_system.h, Test/E01options.ztst, Test/P01privileged.ztst, + Test/README, configure.ac: Fix insecure dropping of privileges + when unsetting PRIVILEGED option + + * unposted: Test/V01zmodload.ztst: Fix failing test from + workers/45385 + + * 45423 (tweaked): Completion/Unix/Command/_su: Improve arg + handling, shell look-ups + +2020-02-07 dana <dana@dana.is> + + * unposted: Completion/Unix/Command/_zip: Recognise '--' + +2020-02-06 Daniel Shahaf <danielsh@apache.org> + + * 45385: Test/V01zmodload.ztst: Add a test for 'zmodload -Fa' + preemptively disabling ("blacklisting"?) features. + +2020-02-06 dana <dana@dana.is> + + * unposted: Config/version.mk: Update for 5.7.1-test-3 + + * Roman Perepelitsa: 45382: Src/Modules/system.c: Fix infinite + loop in sysread + + * Martin von Wittich: 45388 (tweaked): + Completion/Unix/Type/_diff_options: Restore -w completion lost + in workers/43351 + +2020-02-03 Daniel Shahaf <danielsh@apache.org> + + * 45368: Test/B01cd.ztst, Test/D02glob.ztst: Add tests for + workers/45367's issue about double slashes in 'cd -P' and + $PWD. + +2020-02-02 Peter Stephenson <p.w.stephenson@ntlworld.com> + + * 45373: Src/loop.c, Test/C03traps.ztst: ERR_EXIT failed on + command substitution in else branch. + +2020-02-02 Daniel Shahaf <danielsh@apache.org> + + * 45372: Etc/BUGS: Record a symlink loop bug involving :P + +2020-02-02 WGH <wgh@torlan.ru> + + * 45365: Completion/Unix/Command/_git: Fix __git_recent_branches + for the case when a commit has an empty message + +2020-01-29 Daniel Shahaf <danielsh@apache.org> + + * 45343: Src/exec.c, Src/math.c: Queue signals around arithmetic + evaluations + + * 45344: INSTALL: Document where third-party completion functions + should be installed. + +2020-01-28 Daniel Shahaf <danielsh@apache.org> + + * 45345: Util/ztst-syntax.vim: internal: ztst.vim: Fix + highlighting of zsh comments in test payload + +2020-01-26 Daniel Shahaf <danielsh@apache.org> + + * unposted: Src/init.c: internal: Add some comments and fix + indentation. No functional change. + +2020-01-23 Daniel Shahaf <danielsh@apache.org> + + * 45340: Src/params.c: internal: Document the difference between + paramtab and realparamtab. + +2020-01-19 Eitan Adler <lists@eitanadler.com> + + * 45332: Completion/Unix/Command/_git: add completion for + git-version + +2020-01-19 Mikael Magnusson <mikachu@gmail.com> + + * unposted: _brace_parameter: add missing \ + 2020-01-16 Daniel Shahaf <danielsh@apache.org> * 45305: Test/A01grammar.ztst: Add an XFail test: The diff --git a/Completion/BSD/Type/_obsd_architectures b/Completion/BSD/Type/_obsd_architectures index ca3e0e12f..cec000a08 100644 --- a/Completion/BSD/Type/_obsd_architectures +++ b/Completion/BSD/Type/_obsd_architectures @@ -3,4 +3,4 @@ local expl _description architectures expl 'architecture' -compadd "$@" "$expl[@]" alpha amd64 arm64 armv7 hppa i386 landisk longson luna88k macppc octeon sgi sparc64 +compadd "$@" "$expl[@]" alpha amd64 arm64 armv7 hppa i386 landisk loongson luna88k macppc octeon sparc64 diff --git a/Completion/Unix/Command/_git b/Completion/Unix/Command/_git index 92b72b936..8487ebc1a 100644 --- a/Completion/Unix/Command/_git +++ b/Completion/Unix/Command/_git @@ -407,6 +407,12 @@ _git-bundle () { return ret } +(( $+functions[_git-version] )) || +_git-version () { + _arguments -S $endopt \ + '--build-options[also print build options]' +} + (( $+functions[_git-check-ignore] )) || _git-check-ignore () { _arguments -s -S $endopt \ @@ -5951,7 +5957,8 @@ _git_commands () { show-branch:'show branches and their commits' verify-commit:'check GPG signature of commits' verify-tag:'check GPG signature of tags' - whatchanged:'show commit-logs and differences they introduce') + whatchanged:'show commit-logs and differences they introduce' + version:'show git version') interaction_commands=( archimport:'import an Arch repository into git' @@ -6655,8 +6662,8 @@ __git_recent_branches() { # 4. Obtain log messages for all of them in one shot. # TODO: we'd really like --sort=none here... but git doesn't support such a thing. - # The \n removal is because for-each-ref prints a \n after each entry. - descriptions=( ${(0)"$(_call_program all-descriptions "git --no-pager for-each-ref --format='%(refname)%00%(subject)%00'" refs/heads/${(q)^branches} "--")"//$'\n'} ) + local z=$'\0' + descriptions=( "${(0)"$(_call_program all-descriptions "git --no-pager for-each-ref --format='%(refname)%00%(subject)'" refs/heads/${(q)^branches} "--")"//$'\n'/$z}" ) # 5. Synthesize the data structure _describe wants. local -a branches_colon_descriptions diff --git a/Completion/Unix/Command/_su b/Completion/Unix/Command/_su index 900905632..032f867f4 100644 --- a/Completion/Unix/Command/_su +++ b/Completion/Unix/Command/_su @@ -9,36 +9,44 @@ local shell usr (( $words[(i)-(l|-login)] < CURRENT )) || args=( '-[use a login shell]' ) case $OSTYPE in linux*) + # Some of these options only apply to util-linux, not shadow-utils args=( -S $args - '(-c --command --session-command *)'{-c,--command=}'[pass command to shell]:command string:_cmdstring' + '(-c --command --session-command *)'{-c+,--command=}'[pass command to shell]:command string:_cmdstring' "(-c --command *)--session-command=[pass command to shell and don't create a new session]:command string:_cmdstring" '(--fast -f)'{-f,--fast}'[pass -f to shell]' '(-l --login -m -p --preserve-environment)'{-l,--login}'[use a login shell]' '(-l --login -m -p --preserve-environment)'{-m,-p,--preserve-environment}"[don't reset environment]" - '(-s --shell)'{-s,--shell=}'[run the specified shell]:shell:->shells' + '(-s --shell)'{-s+,--shell=}'[run the specified shell]:shell:->shells' '(-)--help[display help information]' '(-)--version[display version information]' ) - (( EUID )) || args+=( - '(-g --group)'{-g,--group=}'[specify primary group]:group:_groups' - \*{-G,--supp-group=}'[specify supplemental group]:group:_groups' + (( $#_comp_priv_prefix || EUID == 0 )) && args+=( + '(-g --group)'{-g+,--group=}'[specify primary group]:group:_groups' + \*{-G+,--supp-group=}'[specify supplemental group]:group:_groups' ) first="(--help --version)${first#???}" ;; *bsd*|darwin*|dragonfly*) args+=( - '-c[use settings from specified login class]:class' '-f[if the invoked shell is csh, prevent it from reading .cshrc]' '(-m)-l[use a login shell]' "(-l)-m[don't reset environment]" ) ;| + *bsd*|dragonfly*) + args+=( + '-c+[use settings from specified login class]:class' + ) + ;| freebsd*) args+=( '-s[set the MAC label]' ) ;; openbsd*) args+=( - '(-K)-a[specify authentication type]:authentication type' + # See login.conf(5) + '(-K)-a+[specify authentication type]:authentication type:( + activ chpass crypto lchpass passwd radius reject skey snk token yubikey + )' '(-a)-K[shorthand for -a passwd]' - '-s[run the specified shell]:shell:->shells' + '-s+[run the specified shell]:shell:->shells' '-L[loop until login succeeds]' ) ;; @@ -57,13 +65,26 @@ fi _arguments $args ${(e)first} "*:shell arguments:= ->rest" && return -usr=${line[norm]/--/root} -if (( $#opt_args[(i)-(s|-shell)] )); then +usr=${${(Q)line[norm]}/--/root} +# OpenBSD supports appending a log-in method to the user name, as in usr:radius +[[ $OSTYPE == openbsd* ]] && usr=${usr%:*} + +# Normal users generally don't appear in passwd on macOS; try the Directory +# Service first +if [[ $OSTYPE == darwin* ]] && (( $+commands[dscl] )); then + shell=${"$( + _call_program shells dscl . -read /Users/${(q)usr} UserShell + )"#UserShell: } +fi + +if [[ -n $shell ]]; then + : # Found above +elif (( ${#${(@M)args:#*-s[+\[]*:*}} && $#opt_args[(i)-(s|-shell)] )); then shell=${(v)opt_args[(i)-(s|-shell)]} elif (( ${+commands[getent]} )); then - shell="${$(_call_program shells getent passwd $usr)##*:}" + shell="${$(_call_program shells getent passwd ${(q)usr})##*:}" else - shell="${${(M@)${(@f)$(</etc/passwd)}:#$usr*}##*:}" + shell="${${(M@)${(@f)$(</etc/passwd)}:#${usr}:*}##*:}" fi case $state in diff --git a/Completion/Unix/Command/_zip b/Completion/Unix/Command/_zip index 1b1b6c315..bc9aab1a5 100644 --- a/Completion/Unix/Command/_zip +++ b/Completion/Unix/Command/_zip @@ -82,7 +82,7 @@ case $service in '*:file:->files' && ret=0 ;; unzip) - _arguments -C -s \ + _arguments -C -s -S \ '(-Z)-M[page output]' \ - unzip \ '(-f -u -l -t -z -d -p)-c[extract files to stdout including file names]' \ @@ -130,7 +130,7 @@ esac [[ $state == zipinfo ]] && uzi="-Z[zipinfo mode]" if [[ $service == zipinfo ]] || [[ -n $uzi ]]; then - _arguments -C -s \ + _arguments -C -s -S \ $uzi \ '(-2 -s -m -l -v -h -t -T -z)-1[filenames only]' \ '(-1 -s -m -l -v -T)-2[just filenames but allow -h/-t/-z]' \ @@ -170,7 +170,7 @@ case $state in fi 2>/dev/null if [[ $zipfile != $_zip_cache_name ]]; then _zip_cache_name="$zipfile" - _zip_cache_list=( ${(f)"$(zipinfo -1 $_zip_cache_name)"} ) + _zip_cache_list=( ${(f)"$(zipinfo -1 -- $_zip_cache_name)"} ) fi _wanted files expl 'file from archive' \ _multi_parts / _zip_cache_list && return diff --git a/Completion/Unix/Type/_diff_options b/Completion/Unix/Type/_diff_options index 4fd27442e..440913dff 100644 --- a/Completion/Unix/Type/_diff_options +++ b/Completion/Unix/Type/_diff_options @@ -92,6 +92,7 @@ if _pick_variant -r variant -c $cmd gnu=GNU unix -v || [[ $OSTYPE = freebsd<12-> '--ignore-file-name-case[ignore case when comparing file names]' \ '!(--ignore-file-name-case)--no-ignore-file-name-case' \ '(-b --ignore-space-change)'{-b,--ignore-space-change}'[ignore changes in the amount of white space]' \ + '(-w --ignore-all-space)'{-w,--ignore-all-space}'[ignore all white space]' \ '(-B --ignore-blank-lines)'{-B,--ignore-blank-lines}'[ignore lines that are all blank]' \ '(-I --ignore-matching-lines)'{-I+,--ignore-matching-lines=}'[ignore lines that match regex]:line exclusion regex:' \ '--strip-trailing-cr[strip trailing carriage return on input]' \ diff --git a/Completion/Zsh/Command/_zstyle b/Completion/Zsh/Command/_zstyle index 7db73c0c0..07b60605f 100644 --- a/Completion/Zsh/Command/_zstyle +++ b/Completion/Zsh/Command/_zstyle @@ -5,9 +5,6 @@ local nm=$compstate[nmatches] taglist patterns contexts MATCH integer MBEGIN MEND typeset -A opt_args styles -_vcs_info_hooks() { - compadd - ${functions[(I)+vi-*]#+vi-} -} # Assoc array of styles; the values give the possible top-level # contexts: # c completion diff --git a/Completion/Zsh/Context/_brace_parameter b/Completion/Zsh/Context/_brace_parameter index c6e74bf7b..6960cec9b 100644 --- a/Completion/Zsh/Context/_brace_parameter +++ b/Completion/Zsh/Context/_brace_parameter @@ -38,7 +38,7 @@ if [[ $PREFIX = *'${('[^\)]# ]]; then case $char in (g) compset -P '*' - flags=('o:octal escapes' 'c:expand ^X etc.' 'e:expand \M-t etc.') + flags=('o:octal escapes' 'c:expand ^X etc.' 'e:expand \\M-t etc.') _describe -t format 'format option' flags -Q -S '' ;; diff --git a/Completion/Zsh/Function/_vcs_info b/Completion/Zsh/Function/_vcs_info new file mode 100644 index 000000000..fdb28de6a --- /dev/null +++ b/Completion/Zsh/Function/_vcs_info @@ -0,0 +1,31 @@ +#compdef vcs_info_hookadd vcs_info_hookdel + +local -a hook_types=( + gen-applied-string + gen-hg-bookmark-string + gen-mqguards-string + gen-unapplied-string + no-vcs + post-backend + post-quilt + pre-addon-quilt + pre-get-data + set-branch-format + set-hgrev-format + set-message + set-patch-format + start-up +) + +local -a specs +case $service in + (vcs_info_hookdel) + specs=( '-a[remove all occurrences, not just the first]' ) + ;; +esac + +# TODO: for vcs_info_hookdel complete only functions installed for that hook +_arguments : \ + $specs \ + ":hook type:($hook_types)" \ + '*:hook function:_vcs_info_hooks' diff --git a/Completion/Zsh/Type/_vcs_info_hooks b/Completion/Zsh/Type/_vcs_info_hooks new file mode 100644 index 000000000..bad915000 --- /dev/null +++ b/Completion/Zsh/Type/_vcs_info_hooks @@ -0,0 +1,2 @@ +#autoload +compadd - ${functions[(I)+vi-*]#+vi-} diff --git a/Completion/bashcompinit b/Completion/bashcompinit index 02290a16f..b278ac8f4 100644 --- a/Completion/bashcompinit +++ b/Completion/bashcompinit @@ -10,7 +10,7 @@ _bash_complete() { (( COMP_POINT = 1 + ${#${(j. .)words[1,CURRENT-1]}} + $#QIPREFIX + $#IPREFIX + $#PREFIX )) (( COMP_CWORD = CURRENT - 1)) - COMP_WORDS=( $words ) + COMP_WORDS=( "${words[@]}" ) BASH_VERSINFO=( 2 05b 0 1 release ) savejobstates=( ${(kv)jobstates} ) diff --git a/Config/version.mk b/Config/version.mk index 99d8f965c..6540e4b98 100644 --- a/Config/version.mk +++ b/Config/version.mk @@ -27,5 +27,5 @@ # This must also serve as a shell script, so do not add spaces around the # `=' signs. -VERSION=5.7.1-test-2 -VERSION_DATE='December 21, 2019' +VERSION=5.8.0.1-dev +VERSION_DATE='February 15, 2020' @@ -29,3 +29,5 @@ skipped when STTY=... is set for that command 44007 - Martijn - exit in trap executes rest of function See test case in Test/C03traps.ztst. ------------------------------------------------------------------------ +45282: ${${:-foo}:P} where foo is a symlink that points to itself segfaults +------------------------------------------------------------------------ diff --git a/Functions/VCS_Info/Backends/VCS_INFO_get_data_git b/Functions/VCS_Info/Backends/VCS_INFO_get_data_git index ceb4f978a..5ddce72a6 100644 --- a/Functions/VCS_Info/Backends/VCS_INFO_get_data_git +++ b/Functions/VCS_Info/Backends/VCS_INFO_get_data_git @@ -138,7 +138,11 @@ VCS_INFO_git_handle_patches () { gitdir=${vcs_comm[gitdir]} VCS_INFO_git_getbranch ${gitdir} -gitbase=$( ${vcs_comm[cmd]} rev-parse --show-toplevel ) +gitbase=$( ${vcs_comm[cmd]} rev-parse --show-toplevel 2> /dev/null ) +if [[ -z ${gitbase} ]]; then + # Bare repository + gitbase=${gitdir:P} +fi rrn=${gitbase:t} if zstyle -t ":vcs_info:${vcs}:${usercontext}:${rrn}" get-revision ; then gitsha1=$(${vcs_comm[cmd]} rev-parse --quiet --verify HEAD) @@ -251,6 +251,16 @@ source code in the directory that "configure" is in. For example, Note that this is mutually exclusive with using the source directories as make can become confused by build files created in the source directories. +Writing third-party autoloadable functions +------------------------------------------ + +Third-party autoloadable functions, including but not limited to completion +functions, should be installed into the share/zsh/site-functions/ directory +under the respective installation prefix. That would typically be written as +$(DESTDIR)$(PREFIX)/share/zsh/site-functions/ in a makefile. If the +third-party tool's $(PREFIX) is not the same as zsh's prefix, then that +directory should be added to $fpath in zsh's initialization files. + ================================ AUTOMATIC NEW USER CONFIGURATION @@ -4,8 +4,22 @@ CHANGES FROM PREVIOUS VERSIONS OF ZSH Note also the list of incompatibilities in the README file. -Changes since 5.7.1 -------------------- +Changes since 5.7.1-test-3 +-------------------------- + +CVE-2019-20044: When unsetting the PRIVILEGED option, the shell sets its +effective user and group IDs to match their respective real IDs. On some +platforms (including Linux and macOS, but not FreeBSD), when the RUID and +EUID were both non-zero, it was possible to regain the shell's former +privileges by e.g. assigning to the EUID or EGID parameter. In the course +of investigating this issue, it was also found that the setopt built-in +did not correctly report errors when unsetting the option, which +prevented users from handling them as the documentation recommended. +setopt now returns non-zero if it is unable to safely drop privileges. +[ Reported by Sam Foxman <samfoxman320@gmail.com>. ] + +Changes from 5.7.1 to 5.7.1-test-3 +---------------------------------- The zsh/zutil module's zparseopts builtin learnt an -F option to abort parsing when an unrecognised option-like parameter is encountered. |