diff options
| author | Peter Stephenson <pws@zsh.org> | 2016-09-28 09:50:58 +0100 |
|---|---|---|
| committer | Peter Stephenson <pws@zsh.org> | 2016-09-28 09:50:58 +0100 |
| commit | b32d974000295a5fa0b0c981b3198f987d3177c4 (patch) | |
| tree | 17ca9ec366f7d652ff7473e7e43a65b2c691f2da /ChangeLog | |
| parent | 8d04b5429ffc9a302addd7159b20f8cadffd0c44 (diff) | |
| download | zsh-b32d974000295a5fa0b0c981b3198f987d3177c4.tar.gz zsh-b32d974000295a5fa0b0c981b3198f987d3177c4.tar.xz zsh-b32d974000295a5fa0b0c981b3198f987d3177c4.zip | |
39460: Don't import PS4 if running as root.
There was an exploit in bash using SHELLOPTS to turn on xtrace, however this can't happen in zsh, so this is simply a precaution.
Diffstat (limited to 'ChangeLog')
| -rw-r--r-- | ChangeLog | 6 |
1 files changed, 6 insertions, 0 deletions
diff --git a/ChangeLog b/ChangeLog index 6674be512..9c50f15f9 100644 --- a/ChangeLog +++ b/ChangeLog @@ -1,3 +1,9 @@ +2016-09-28 Peter Stephenson <p.stephenson@samsung.com> + + * 39460: Src/params.c, Src/zsh.h: don't import PS4 if running as + root. Currently no known exploit with this in zsh as xtrace + needs an explicit option setting, so this is just precautionary. + 2016-09-27 Oliver Kiddle <opk@zsh.org> * Marko Myllynen: 39453: Completion/Unix/Command/_openstack: |