Zsh Mailing List Archive Messages sorted by: Reverse Date, Date, Thread, Author

CVE-2021-45444 really fixed in 5.8.1?

X-seq: zsh-users 27548
From: Vincent Bernat <bernat@xxxxxxxx>
To: zsh-users@xxxxxxx
Subject: CVE-2021-45444 really fixed in 5.8.1?
Date: Sat, 12 Mar 2022 15:39:00 +0100
Archived-at: <https://zsh.org/users/27548>
List-id: <zsh-users.zsh.org>

Hey!

Is CVE-2021-45444 really fixed in 5.8.1?

neo% zsh --version
zsh 5.8.1 (x86_64-debian-linux-gnu)
neo% mkdir test1
neo% cd test1
neo% git init
Initialized empty Git repository in /home/bernat/tmp/test1/.git/
neo% git checkout -b branch%1branch
Switched to a new branch 'branch%1branch'
neo% autoload -Uz vcs_info
neo% precmd() { vcs_info }
neo% setopt prompt_subst
neo% PS1='${vcs_info_msg_0_}%# '
 (git)-[branchranch]-%

%1 was interpreted while it shouldn't have been?

The provided workaround for older versions work fine.

After applying:

 (git)-[branch%1branch]-%
-- 
Don't stop at one bug.
            - The Elements of Programming Style (Kernighan & Plauger)

Follow-Ups:
- Re: CVE-2021-45444 really fixed in 5.8.1?
  - From: dana

Messages sorted by: Reverse Date, Date, Thread, Author