zsh-users
 help / color / mirror / code / Atom feed
* CVE-2021-45444 really fixed in 5.8.1?
@ 2022-03-12 14:39 Vincent Bernat
  2022-03-12 22:45 ` dana
  0 siblings, 1 reply; 4+ messages in thread
From: Vincent Bernat @ 2022-03-12 14:39 UTC (permalink / raw)
  To: zsh-users

Hey!

Is CVE-2021-45444 really fixed in 5.8.1?

neo% zsh --version
zsh 5.8.1 (x86_64-debian-linux-gnu)
neo% mkdir test1
neo% cd test1
neo% git init
Initialized empty Git repository in /home/bernat/tmp/test1/.git/
neo% git checkout -b branch%1branch
Switched to a new branch 'branch%1branch'
neo% autoload -Uz vcs_info
neo% precmd() { vcs_info }
neo% setopt prompt_subst
neo% PS1='${vcs_info_msg_0_}%# '
 (git)-[branchranch]-%

%1 was interpreted while it shouldn't have been?

The provided workaround for older versions work fine.

After applying:

 (git)-[branch%1branch]-%
-- 
Don't stop at one bug.
            - The Elements of Programming Style (Kernighan & Plauger)


^ permalink raw reply	[flat|nested] 4+ messages in thread

end of thread, other threads:[~2022-03-13  0:03 UTC | newest]

Thread overview: 4+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2022-03-12 14:39 CVE-2021-45444 really fixed in 5.8.1? Vincent Bernat
2022-03-12 22:45 ` dana
2022-03-12 22:58   ` Vincent Bernat
2022-03-13  0:01     ` dana

Code repositories for project(s) associated with this public inbox

	https://git.vuxu.org/mirror/zsh/

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).