Hello, zsh 5.9 has been released and made available for download at the following locations: https://sourceforge.net/projects/zsh/files/ https://www.zsh.org/pub/ This is a stable security release with many bug fixes and several new features. It includes the fix for CVE-2021-45444 which was previously rolled into 5.8.1. For further details, please refer to the README and NEWS files distributed with the shell, or see here: https://zsh.sourceforge.io/releases.html This release is dedicated to the memory of Sven Guckes, who was, amongst other things, a long-time zsh advocate. For more information, see: https://linuxnews.de/2022/02/sven-guckes-verstorben/ https://groups.google.com/g/vim_announce/c/MJBKVd-xrEE/m/joVNaDgAAgAJ dana
Hello, zsh 5.8.1 has been released and made available for download at the following locations: https://sourceforge.net/projects/zsh/files/ https://www.zsh.org/pub/ This is a stable security release with a few bug fixes, including one for CVE-2021-45444, a vulnerability in prompt expansion which could be exploited through e.g. VCS_Info to execute arbitrary shell commands without a user's knowledge. All sites are encouraged to update from zsh 5.8. A partial work-around which can be applied within a running shell is provided in the source distribution for those who are unable to update their shell binaries. For further details, please refer to the README and NEWS files distributed with the shell, or see here: https://zsh.sourceforge.io/releases.html PS: Maintainers of down-stream zsh packages are invited to e-mail <zsh-security@zsh.org> if they would like to request pre-notification of security releases like this one. dana
Hello, zsh 5.8 has been released and made available for download at the following locations: https://sourceforge.net/projects/zsh/files/ https://www.zsh.org/pub/ This is a stable security release with a few new features and many bug fixes, including one for CVE-2019-20044 (a minor vulnerability related to the PRIVILEGED option). For further details, please refer to the README and NEWS files distributed with the shell, or see here: http://zsh.sourceforge.net/releases.html dana
zsh 5.7.1 has been released and made available for download at the following locations: http://www.zsh.org/pub/ https://sourceforge.net/projects/zsh/files/ 5.7.1 is a stable release which fixes two regressions (related to VCS_Info and prompt colour sequences) found in 5.7. dana
Hello, This is your slightly belated notice that zsh 5.7 has been released and made available for download at the following locations: http://www.zsh.org/pub/ https://sourceforge.net/projects/zsh/files/ 5.7 is a stable release with many bug fixes and a few new features. For details, please refer to the README and NEWS files distributed with the shell, or see here: http://zsh.sourceforge.net/releases.html dana
Version 5.6.2 of zsh has been released and will later today be available from http://www.zsh.org/pub/ and https://sourceforge.net/projects/zsh/files/ . This release fixes another case of SIGTTOU with pipelines and a case where SIGWINCH (terminal emulator size change) was ignored. See README and NEWS in the source distribution for more information.
Version 5.6.1 of zsh has been released and is available from http://www.zsh.org/pub/ . It will shortly also be available from Sourceforge: https://sourceforge.net/projects/zsh/files/ . This release fixes a packaging bug affecting 'runhelp' and a bug involving pipeline management and SIGTTOU. See README and NEWS in the source distribution for more information.
(This is on behalf of Daniel Shahaf, in case his announcement email doesn't get through.) Subject: zsh 5.6 released Version 5.6 of zsh has been released and is available from http://www.zsh.org/pub/ . It will shortly also be available from Sourceforge: https://sourceforge.net/projects/zsh/files/ . This is a security release, fixing CVE-2018-0502 and CVE-2018-13259. All sites are encouraged to upgrade from 5.5.1 as soon as possible. See README and NEWS in the source distribution for more information.
You can find release 5.5.1 of zsh (the Z Shell) at http://www.zsh.org/pub and in the Sourceforge zsh project. The main difference compared with 5.5 is to fix a configuration problem finding signal names with recent versions of glibc. However, there are some other minor bug fixes, so it is probably worth upgrading even if you did not have this problem. pws
Version 5.5 of zsh has been released and is available from http://www.zsh.org/ pub . It will shortly also be available from Sourceforge. This is a stable release. All sites are encouraged to upgrade from 5.4.2. See README and NEWS in the source distribution for more information. -- Peter Stephenson <p.w.stephenson@ntlworld.com>
Version 5.4.1 of zsh has been released. You are likely to be upgrading from 5.3.1 as 5.4 was not released. You can get it from http://www.zsh.org/pub or SourceForge's zsh area, plus mirrors. This contains bug fixes plus a few minor new features. See the README and NEWS files for more. pws
Version 5.3 of zsh has been relesed. You can find it from the zsh projct a sourceforge.net, or at http://www.zsh.org/pub/. This fixes a large umber of bugs, some quite significant. There are also some minor enhancements. pws
[-- Attachment #1: Type: text/plain, Size: 379 bytes --] Version 5.0.8 of the Z Shell can now be downloaded from http://www.zsh.org/pub/ This version contains some minor feature enhancements and many bug fixes, including fixes for some basic parsing problems and long-standing compatibility issues in POSIX / sh compatibility mode. There are the usual enhancements to completion functions. An upload to Sourceforge will follow. pws
Version 5.0.7 of zsh is released. You can get it from http://www.zsh.org/pub and mirrors (see below). This is a stable release. There are minor new features as well as bug fixes since 5.0.6. Note in particular there is a security fix to disallow evaluation of the initial values of integer variables imported from the environment (they are instead treated as literal numbers). That could allow local privilege escalation, under some specific and atypical conditions where zsh is being invoked in privilege elevation contexts when the environment has not been properly sanitized, such as when zsh is invoked by sudo on systems where "env_reset" has been disabled. pws
Version 5.0.6 of zsh has been uploaded to http://www.zsh.org/pub/ . It will shortly be uploaded to Sourceforge, too. Git users should note that owing to a problem at the Sourceforge repository I haven't yet been able to push the version number change and the tag, however the change is entirely predictable. Thanks to all the contributors. Here's a chunk from the NEWS file. - If the option EXTENDED_GLOB is in effect, it is possible to force globbing within conditional code using the [[ ... ]] syntax by flagging that a certain string is a glob using the (#q) glob qualifier syntax. The resulting glob is treated as a single argument. For example, [[ -n *.c(#qN) ]] tests whether there are any .c files in the current directory. - In prompt strings, the %N(l.true.false) conditional (line length) and the %N<..< and %N>..> truncation operators now accept negative values of N, which count the remaining space to the opposite margin (positive values of N still count the space used since the start of the prompt). In PS1 and PROMPT, this counts to the right margin, whereas in RPS1 and RPROMPT, it counts to the left margin (not to the opposite prompt). - Another new prompt feature is the %. escape within time strings, for example %D{%H:%M:%S.%.}. It provides zero-padded decimal fractions of second; by default milliseconds are shown, but the number of digits may be indicated from 1 to 6, e.g. "%6.". (Note this is part of the extensions to strftime() formats rather than basic prompt escapes.) - The operators :^ and :^^ in parameter substitution allow for array zipping in the form ${name:^array}. With the :^ operator, all entries in $name and $array will be output in alternating order. With :^ the longer array is trimmed whereas the :^^ operator repeats the shorter array enough to match the longer array. - The value of $? when a job becomes stopped is now the signal number plus 128, for compatibility with other shells. Note that different operating systems use different values e.g. for SIGTSTP, so it is not possible in portable scripts to detect stopped jobs by comparing to a fixed number. Also, the value of $pipestatus is now updated when a job stops, not just when it exits. -- Peter Stephenson <p.w.stephenson@ntlworld.com> Web page now at http://homepage.ntlworld.com/p.w.stephenson/
Version 5.0.5 of zsh has been released and is available from http://www.zsh.org/pub/ and mirrors as well as from Sourceforge. As usual, there is a source tarball and a separate tarball with preformatted documentation. This fixes a few significant bugs reported following the release of 5.0.4 a couple of weeks ago. -- Peter Stephenson <p.w.stephenson@ntlworld.com> Web page now at http://homepage.ntlworld.com/p.w.stephenson/
Version 5.0.4 of zsh is available from the main distribution site and from Sourceforge and will gradually reach the various mirrors. http://www.zsh.org/pub/zsh-5.0.4.tar.gz http://www.zsh.org/pub/zsh-5.0.4.tar.bz2 http://www.zsh.org/pub/zsh-5.0.4-doc.tar.gz http://www.zsh.org/pub/zsh-5.0.4-doc.tar.bz2 This is a stable release. Users of 5.0.2 are recommended to update. Version 5.0.3, released a few days ago, has been replaced as there is a significant bug in pattern matching. -- Peter Stephenson <p.w.stephenson@ntlworld.com> Web page now at http://homepage.ntlworld.com/p.w.stephenson/
zsh 5.0.2 has been released and is available from ftp.zsh.org, from Sourceforge, and should soon find its way to mirrors. I made zsh 5.0.1 yesterday, but a significant bug turned up today and as I hadn't announced 5.0.1 I have put the fix into 5.0.2. Most of the changes since 5.0.0 are bug fixes; there are a few minor enhancements as noted in the NEWS file. Thanks to everybody who has contributed. -- Peter Stephenson <p.w.stephenson@ntlworld.com> Web page now at http://homepage.ntlworld.com/p.w.stephenson/
After what seems like years, for a very good reason, a new stable release of zsh, 5.0.0, has appeared. You can get it from the main zsh site, or mirrors, or from Sourceforge. The main FTP site is: ftp://ftp.zsh.org/pub/zsh.tar.gz ftp://ftp.zsh.org/pub/zsh.tar.bz2 ftp://ftp.zsh.org/pub/zsh-doc.tar.gz ftp://ftp.zsh.org/pub/zsh-doc.tar.bz2 Thanks to everybody who has contributed to zsh over the years. The release notes are as follows. Version 5.0.0 of zsh is the new stable release. There are many changes since the last stable release series, 4.2, of which the most important is handling of multibyte characters. The file NEWS in the distribution gives more information. The file README details some incompatibilities with previous versions, mostly minor. Users of the development release series will not see major changes since the previous release, 4.3.17. -- Peter Stephenson <p.w.stephenson@ntlworld.com> Web page now at http://homepage.ntlworld.com/p.w.stephenson/
Version 4.3.17 of zsh has been released. There are no major changes; this fixes some bugs noted since 4.3.15. 4.3.16 had a partial fix for one of the bugs so was not announced widely. ftp://ftp.zsh.org/pub/zsh-4.3.17.tar.bz2 ftp://ftp.zsh.org/pub/zsh-4.3.17.tar.gz ftp://ftp.zsh.org/pub/zsh-4.3.17-doc.tar.bz2 ftp://ftp.zsh.org/pub/zsh-4.3.17-doc.tar.gz See the ChangeLog and the mailing list archive at http://www.zsh.org/mla for more details. -- Peter Stephenson <p.w.stephenson@ntlworld.com> Web page now at http://homepage.ntlworld.com/p.w.stephenson/
zsh 4.3.15 is released. ftp://ftp.zsh.org/pub/zsh-4.3.15-doc.tar.bz2 ftp://ftp.zsh.org/pub/zsh-4.3.15-doc.tar.gz ftp://ftp.zsh.org/pub/zsh-4.3.15.tar.bz2 ftp://ftp.zsh.org/pub/zsh-4.3.15.tar.gz This fixes one significant bug that turned up after 4.3.14, though in fact the bug has been present since 4.3.10. In POSIX compatibility mode, job control remains enabled in a subshell, and owing to an inconsistency it was possible for a subshell to hang. Thanks for all the reports and help with development. -- Peter Stephenson <p.w.stephenson@ntlworld.com> Web page now at http://homepage.ntlworld.com/p.w.stephenson/
I've uploaded zsh version 4.3.14 to ftp.zsh.org in the pub directory. This fixes a few minor glitches in last week's 4.3.13; the tests should pass in more places. -- Peter Stephenson <pws@csr.com> Software Engineer Tel: +44 (0)1223 692070 Cambridge Silicon Radio Limited Churchill House, Cambridge Business Park, Cowley Road, Cambridge, CB4 0WZ, UK Member of the CSR plc group of companies. CSR plc registered in England and Wales, registered number 4187346, registered office Churchill House, Cambridge Business Park, Cowley Road, Cambridge, CB4 0WZ, United Kingdom More information can be found at www.csr.com. Follow CSR on Twitter at http://twitter.com/CSR_PLC and read our blog at www.csr.com/blog
I've uploaded zsh 4.3.13 to ftp://ftp.zsh.org/pub/. If you get a chance to try it out before I upload it to Sourceforge, too, that would be great. There are no major new features, though there some significant bug fixes and quite a lot of work on some of the shell functions. Scan the ChangeLog if you want a more detailed idea. -- Peter Stephenson <p.w.stephenson@ntlworld.com> Web page now at http://homepage.ntlworld.com/p.w.stephenson/
Version 4.3.12 of zsh is released. This is mostly a bugfix release, although there are a few new features. You can get it from ftp.zsh.org or from the Sourceforge zsh project. I hope to be able to replace the 4.3 series with a stable 5.0 release series before too long. Thanks to the many people who helped. Here is the appropriate section from the NEWS file. Changes since 4.3.11 -------------------- The zsh/parameter module has a new readonly associative array $usergroups whose keys are the names of system groups of which the current user is a member and whose values are the corresponding group identifiers. The region_highlight array, which controls highlighting of the command line from zle widgets, is now updated dynamically as the command line is edited. In POSIX emulation ("emulate sh") the shell is more accurate about when it should or should not exit on errors. The ${NAME:OFFSET:LENGTH} syntax now supports negative LENGTH, which counts back from the end of the string. The (g:opts:) flag in parameter expansion processes escape sequences like the echo and print builtins. opts can be any combination of o, e and c. With e, acts like print rather than echo except for octal escapes which are controlled separately by the o option. With c, interpret control sequences like "^X" as bindkey does. Regardless of the opts, \c is not interpreted. -- Peter Stephenson <pws@csr.com> Software Engineer Tel: +44 (0)1223 692070 Cambridge Silicon Radio Limited Churchill House, Cambridge Business Park, Cowley Road, Cambridge, CB4 0WZ, UK Member of the CSR plc group of companies. CSR plc registered in England and Wales, registered number 4187346, registered office Churchill House, Cambridge Business Park, Cowley Road, Cambridge, CB4 0WZ, United Kingdom More information can be found at www.csr.com. Follow CSR on Twitter at http://twitter.com/CSR_PLC and read our blog at www.csr.com/blog
I've released 4.3.11 of the shell. It's at the usual zsh web site (at the time of writing the main files are correct but the symbolic links haven't quite caught up; that'll just be a matter of minutes), and it's also at Sourceforge: you'll probably get better bandwidth by waiting for it to percolate to a mirror. The Sourceforge links (which were working faster for me, but note involve a redirection, so use e.g. curl -L) are http://sourceforge.net/projects/zsh/files/zsh-dev/4.3.11/zsh-4.3.11.tar.bz2/download http://sourceforge.net/projects/zsh/files/zsh-dev/4.3.11/zsh-4.3.11.tar.gz/download http://sourceforge.net/projects/zsh/files/zsh-doc-dev/4.3.11/zsh-4.3.11-doc.tar.bz2/download http://sourceforge.net/projects/zsh/files/zsh-doc-dev/4.3.11/zsh-4.3.11-doc.tar.gz/download Thanks to everyone who has helped. The notes are fairly short: 4.3.11 contains many bug fixes and numerous minor additions; see the NEWS file in the distribution. Although this is on the development branch, it is believed to be fairly stable, and is likely to become the stable release shortly. The more interesting stuff is in the NEWS file. Here's the top of it. ------------------------------------- CHANGES FROM PREVIOUS VERSIONS OF ZSH ------------------------------------- Note also the list of incompatibilities in the README file. Changes between versions 4.3.10 and 4.3.11 ------------------------------------------ When the shell is invoked with the base name of a script, for example as `zsh scriptname', previous versions of zsh have used the name directly, whereas other shells use the value of $PATH to find the script. The option PATH_SCRIPT has been added to provide the alternative behaviour. This is turned on where appropriate in compatibility modes. Parameters, globbing, etc. -+-+-+-+-+-+-+-+-+-+-+-+-+ Parameter expansion has been enhanced to provide the ${NAME:OFFSET} and ${NAME:OFFSET:LENGTH} syntax for substrings and subarrays present in several other shells. OFFSET always uses zero-based indexing. The only clash with existing zsh syntax occurs if OFFSET begins with an alphabetic character or `&', which is not likely. The (D) flag in parameter expansion abbreviates directories in the substituted value. The (q-) flag does minimal shell quotation of arguments for maximum human readability of the result. The (Z) flag in parameter expansion is an enhanced version of the (z) flag that takes an argument indicating how the string to be split is treated. (Z:c:) parses comments as strings; (Z:C:) parses comments and strips them; (Z:n:) treats newlines as ordinary whitespace: (z) has always treated unquoted newlines as shell delimiters and turned them into semicolons, though this was not previously documented. Numeric expansion with braces has been extended so that a step may be given, as in {3..9..2}. The step may be negative as may the start and end of the range (this is also new). The glob qualifier P can be used to add a separate word before each match. For example, *(P:-f:) produces the command line `-f file1 -f file2 ...'. Regular expression matches now use the same variables for storing matched components as shell pattern matching. The function system now provides the function regexp-replace for replacing text using regular expressions. The zle widget functions replace-string, replace-string-again, if defined with regex in the name (e.g. "zle -N replace-regexp replace-string"), perform regular expression matches. In replacement text \& and \1 have the standard meaning. Line editor and completion -+-+-+-+-+-+-+-+-+-+-+-+-+ The completion system now has a style path-completion. Setting this to false inhibits completion of paths before the current path component, e.g. /u/b/z no longer completes to /usr/bin/zsh. This is useful on systems where this form of completion is pathologically slow due to network performance. With the MULTIBYTE option, the line editor now highlights bytes in the input that are not part of a valid character in the current locale in hex as <XX> for hex digits X; highlighting is controlled by the "special" keyword in the zle_highlight array. These can be distinguished from unprintable Unicode characters which also use "special" highlighting as the latter are always two or four bytes long, e.g. <XXXX>, <XXXXXXXX>. zle_highlight also controls highlighting of a removable completion suffix, e.g. the "/" automatically appended to directories. This uses the keyword "suffix". The line editor now sets the variable ZLE_LINE_ABORTED if there is an error when editing the line. The following code can be used to create a bindable editor widget to restore the aborted line: recover-line() { LBUFFER=$ZLE_LINE_ABORTED RBUFFER=; } zle -N recover-line and then either bind recover-line to a key sequence or use `M-x recover-line <RET>'. The parameter ZLE_STATE, available in user-defined line editor widgets, gives information on the state of the line editor. Currently this is whether the line editor is in insert or overwrite mode. Miscellaneous options -+-+-+-+-+-+-+-+-+-+- The new shell option HIST_LEX_WORDS causes history lines read in from a file to be split in the same way as normal shell lines, instead of simply on whitespace. It's an option as although the result is more accurate it can take a long time when the history size is large. The shell option MONITOR can be set in non-interactive shells, and also in subshells (as created by surrounding commands with parentheses), turning on job control for that subshell. The initial behaviour of a subshell is still to turn job control off, however if the new POSIX_JOBS option is set MONITOR remains active in subshells. The new shell option POSIX_CD, active in emulations of POSIX-based shells, makes the cd builtin POSIX-compatible. The POSIX_JOBS option already referred to has various other compatibility enchancements. The new shell option POSIX_STRINGS makes a null character in $'...' expansion terminate the string, as is already the case in bash. This is not particularly useful behaviour but may become a POSIX requirement. The new shell option POSIX_TRAPS causes the EXIT trap to behave in the same way as in other shells, i.e. it is only run when the shell exits. The new shell option SOURCE_TRACE causes the shell to report files containing shell code that the shell executes directly, i.e. startup files or files run with the `source' or `.' builtins. The shell option SUN_KEYBOARD_HACK has been supplemented by a more general mechanism: the KEYBOARD_HACK variable defines the character to be ignored. Add-on modules and function -+-+-+-+-+-+-+-+-+-+-+-+-+- The module zsh/system has a new "zsystem" builtin whose subcommands perform system level tasks. Currently "zsystem flock" performs advisory file locking (for aficionados, this uses the fcntl() system call so works over the network on Linux). This is a particularly convenient way of locking files for the length of a subshell. "zsystem supports flock" provides a test for this feature. There is now a function system for recording and restoring recently entered directories in a persistent fashion, with support in completion and (if explicitly installed) dynamic directory expansion. See the entry for cdr in the zshcontrib manual page. -- Peter Stephenson <pws@csr.com> Software Engineer Tel: +44 (0)1223 692070 Cambridge Silicon Radio Limited Churchill House, Cambridge Business Park, Cowley Road, Cambridge, CB4 0WZ, UK Member of the CSR plc group of companies. CSR plc registered in England and Wales, registered number 4187346, registered office Churchill House, Cambridge Business Park, Cowley Road, Cambridge, CB4 0WZ, United Kingdom