Description
This update for zsh fixes the following issues:
- CVE-2014-10070: environment variable injection could lead to local
privilege escalation (bnc#1082885)
- CVE-2014-10071: buffer overflow in exec.c could lead to denial of
service. (bnc#1082977)
- CVE-2014-10072: buffer overflow In utils.c when scanning very long
directory paths for symbolic links. (bnc#1082975)
- CVE-2016-10714: In zsh before 5.3, an off-by-one error resulted in
undersized buffers that were intended to support PATH_MAX characters