Chum Security Advisory 0
CVE-2021-45444: RyotaK reported a security issue in zsh, which could result in the execution of arbitrary code [1].
In zsh 5.8 and earlier, command output substituted into the prompt is itself subjected to another round of PROMPT_SUBST expansion, so attacker-controlled output of a prompt command can cause arbitrary commands to run [2].
You are affected if PROMPT_SUBST is enabled. This is the default if you are using the ksh or sh emulation, but not if you are using “normal” zsh.
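A small check for the affected configuration (zsh 5.8 or older with PROMPT_SUBST on), added here as an example and not part of the advisory. It parses a version string and a `setopt` listing, which zsh prints with enabled option names in lowercase and without underscores; the live check at the end assumes `zsh` is on the PATH and that `zsh -ic setopt` reflects the interactive setup.

```shell
#!/bin/sh
# Added check, not from the advisory: flag a zsh installation that matches the
# affected configuration (version 5.8 or older AND PROMPT_SUBST enabled).

# Returns 0 if the version string is 5.8 or older (strictly below 5.8.1),
# 1 if newer, 2 if it cannot be parsed.
zsh_version_affected() {
    v=${1%%-*}                       # drop suffixes such as "-dev-0"
    maj=${v%%.*};    rest=${v#"$maj"};    rest=${rest#.}
    min=${rest%%.*}; rest=${rest#"$min"}; rest=${rest#.}
    pat=${rest%%.*}
    : "${min:=0}" "${pat:=0}"        # "5.8" is treated as 5.8.0
    case $maj in ''|*[!0-9]*) return 2 ;; esac
    case "$min$pat" in *[!0-9]*) return 2 ;; esac
    # Compare major.minor.patch against 5.8.1 field by field.
    [ "$maj" -lt 5 ] && return 0
    [ "$maj" -gt 5 ] && return 1
    [ "$min" -lt 8 ] && return 0
    [ "$min" -gt 8 ] && return 1
    [ "$pat" -lt 1 ]
}

# Reads a `setopt` listing on stdin; returns 0 if PROMPT_SUBST is enabled.
prompt_subst_enabled() {
    grep -qx 'promptsubst'
}

# $1 = version string, stdin = setopt listing.
# Returns 0 only when both conditions of the advisory hold.
zsh_affected() {
    if zsh_version_affected "$1"; then
        prompt_subst_enabled
    else
        return 1                     # newer or unparseable: not flagged
    fi
}

# Live check against the zsh installed on this machine, if any.
check_local_zsh() {
    command -v zsh >/dev/null 2>&1 || { echo "zsh not installed"; return 2; }
    ver=$(zsh -c 'print -r -- $ZSH_VERSION')
    if zsh -ic 'setopt' 2>/dev/null | zsh_affected "$ver"; then
        echo "zsh $ver with PROMPT_SUBST enabled: affected, upgrade to 5.8.1"
    else
        echo "zsh $ver: not in the affected configuration"
    fi
}
```

Run `check_local_zsh` from a shell on the device; the emulation modes mentioned above show up in the same `setopt` listing, so no separate test for ksh or sh emulation is needed.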
This problem has been fixed in version 5.8.1 as distributed via Chum.
I recommend that you upgrade your zsh package.
[1] ZSH - Release Notes
[2] Advisory #63 - RyotaK's Vuln DB
Given “normal” usage of a phone with zsh, this issue probably affects nobody using Sailfish/Chum, but maybe I’m wrong.
I know, given all the circumstances, it’s a bit silly to publish this like this. I’m more interested in how big the userbase of zsh on Chum is and whether everybody just uses the default zsh.
For Chum, it would also be interesting to know how users would like security updates to be handled: notification only? unattended-upgrades-like automated installation of all updates, or only some?