CVE-2018-7548 (retired)

Priority
Description
In subst.c in zsh through 5.4.2, there is a NULL pointer dereference when
using ${(PA)...} on an empty array result.
Notes
Package
Source: zsh (LP Ubuntu Debian)
Upstream:needs-triage
Ubuntu 12.04 ESM (Precise Pangolin):DNE
Ubuntu 16.04 LTS (Xenial Xerus):not-affected (code not present)
Ubuntu 18.04 LTS (Bionic Beaver):released (5.4.2-3ubuntu2)
Patches:
Upstream:https://sourceforge.net/p/zsh/code/ci/110b13e1090bc31ac1352b28adc2d02b6d25a102
More Information

Updated: 2019-10-09 08:04:41 UTC (commit 33aea848a182c0afcd0a3f927a01a7ecd9a061ee)