Package: zsh Version: 4.3.4-26 Severity: important Tags: security Hi, referring to https://bugs.gentoo.org/show_bug.cgi?id=201022 the difflog.pl script shipped by zsh is prone to a symlink attack. I verified this is also the case in the Debian package of zsh. I am waiting for a CVE id for this. Kind regards Nico -- Nico Golde - http://www.ngolde.de - [EMAIL PROTECTED] - GPG: 0x73647CFF For security reasons, all text in this mail is double-rot13 encrypted.
pgpvafjjBSrGp.pgp
Description: PGP signature

