-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512
Format: 1.8
Date: Sat, 12 Feb 2022 23:00:09 +0100
Source: zsh
Architecture: source
Version: 5.8.1-1
Distribution: unstable
Urgency: high
Maintainer: Debian Zsh Maintainers <pkg-zsh-devel@lists.alioth.debian.org>
Changed-By: Axel Beckert <abe@debian.org>
Changes:
zsh (5.8.1-1) unstable; urgency=high
.
* [1a490c705,12eb3e53,a13f7a2b] Import new upstream security and bugfix
release 5.8.1.
+ [c187154f,fdb8b0ce,bdc4d70a] Fixes CVE-2021-45444, a vulnerability
in prompt expansion which could be exploited through e.g. VCS_Info
to execute arbitrary shell commands without a user's knowledge.
+ [92d7d4dd] Refresh patches as needed. Drop cherry-picked patch with
commit 754658af, included in upstream bugfix release.
* [2556a97c] Drop debian/zsh-static.NEWS, zsh-static will stay. Thanks
to those who gave feedback about our proposed zsh-static removal back
in 2015, especially Vincent Bernat.
* [0fbb22e7] Extend zsh-static package description to explain its use
cases. Thanks to shirish शिरीष to make us aware of this deficency of
the package description by asking the right questions (back in
2015). :-)
* [daf87c89] zsh-static: Drop dep. on zsh, recommend zsh-common instead.
* [2f5cd2e1] Update lintian overrides wrt. to change tag formats.
* [cf14eeb5] Add lintian override for bash-term-in-posix-shell. It's zsh
code and it's guarded by a check if we're running zsh or not.
* [ca06fcef] Add lintian overrides for bin-sbin-mismatch false positives.
* [db8c6c1c] debian/zsh5: Add ${static} suffix also to alternative path
in warning.
* [dc50ace5] Update copyright years in debian/copyright. Thanks Lintian!
* [e872908c] debian/copyright: Remove obsolete upstream URLs. (FTP + SF)
* [60187dd3] debian/watch: Drop comment about FTP timeouts.
* [34379187] Make paths in lintian overrides agnostic to upstream versions
* [566bf8c1] Add lintian overrides for all occurrences of
very-long-line-length-in-source-file. They're all false positives.
* [32c07ee0] Update copyright years in debian/copyright. Thanks Lintian!
Checksums-Sha1:
2d85769be69fdf8d6a1f01f113b30b92ce3c960e 2858 zsh_5.8.1-1.dsc
82ac4a80c527bfe01c0bdd109f65edc403176fb8 3200540 zsh_5.8.1.orig.tar.xz
b2d1e03281c3d4e82764aacf2b6bc2b619400111 488 zsh_5.8.1.orig.tar.xz.asc
1dbecc54c17752209384bd6585fff8e843bece99 93564 zsh_5.8.1-1.debian.tar.xz
2d702617edf7ebfa5c05071e93cf22fec24d0e96 6809 zsh_5.8.1-1_source.buildinfo
Checksums-Sha256:
c073f0040c90550f91b3373999d0e8fcd65dca539d0399ee55d21bab274ce77e 2858 zsh_5.8.1-1.dsc
b6973520bace600b4779200269b1e5d79e5f505ac4952058c11ad5bbf0dd9919 3200540 zsh_5.8.1.orig.tar.xz
2ab4308151f87733eafcd09c88974508156136c94d1c56a0ee7b3f649c994ec6 488 zsh_5.8.1.orig.tar.xz.asc
13feb0d23d32f50fd7151e08e49690ab16a05526bc4498a0c0f9f5930d3164bb 93564 zsh_5.8.1-1.debian.tar.xz
244373014a28d6971168472493add43ffce42580a179d28aa0ed58149a8e9d41 6809 zsh_5.8.1-1_source.buildinfo
Files:
22b22247dd6970bd4212cba039cfe812 2858 shells optional zsh_5.8.1-1.dsc
063a98c256ee0584b3c115924e41a332 3200540 shells optional zsh_5.8.1.orig.tar.xz
8f0910bb736c51fff575d02a389e49bb 488 shells optional zsh_5.8.1.orig.tar.xz.asc
e8d0c668d6ab4e95ea12badfc74c5e50 93564 shells optional zsh_5.8.1-1.debian.tar.xz
2b43877daa1219fa9f6550f412654b6e 6809 shells optional zsh_5.8.1-1_source.buildinfo
-----BEGIN PGP SIGNATURE-----
iQIzBAEBCgAdFiEERoyJeTtCmBnp12Ema+Zjx1o1yXUFAmIIPmoACgkQa+Zjx1o1
yXWLeRAAm4GlZBgKnnXreCJS/H+EjKPsehxbd2fJwNp0hxMeLmd5zHpwHSJVX7Hx
aeLQcw51/nBUsrjS31RFdSwiPHBJ8YuYKUtKLt02aNfuNaQ8WXMTBez6D3aTKtJn
hPzR3F43zGHFRq1EKBiRgMyh76TSnLoL6onQ+8IM/lD+jIBxHoSogca9TD1olIJl
KPf6sTBAuklEB8Z/oTbJOVsfLrUSY3v+ir8Ynbg536yH6dgKIlpQM44skMnUMJXB
CXjdCOLPEKhCYGKuy4TQ9iXUFnfJHRsFgRBzjBfIZRbU1bZoIRRLKTbqsDmLTQmm
IZQugT6k5HxV988G4FCrA+Ekb4dJS/jsh3D1sigbm+6i/2Old8jiBvFCdahqe1+j
u2s/w/kR1B3gc5LM4KSXIlsV7sJByHSFvk63vwlc0uuVBuMfy2BIhSRtAuj7B1hh
FV60f4wBDCW3eC2eZgAv+VmEK40SmpoWOT1tmPwmTLSa4MN9PhAhl4+r5/Dt3slX
afJ3aHyPCmlXA2e7qiFoP0tNVETXquUho+5Z66e7h7PFPe0p+n3tweJCYRqvTsfO
9KQrXHPp+vsUCLa3t/b+Tpxc9ewiQxCtiZ6yDtiw4TufK7MUWVBE5JG0fRztCmow
zLwhye/3+FC/X0GGIrOEaGdZ+REg5uvIFW7pKmUaZJBOR1PlomY=
=WXT+
-----END PGP SIGNATURE-----
