Skip to navigation Skip to main content

Utilities

  • Subscriptions
  • Downloads
  • Red Hat Console
  • Get Support
Red Hat Customer Portal
  • Subscriptions
  • Downloads
  • Red Hat Console
  • Get Support
  • Products

    Top Products

    • Red Hat Enterprise Linux
    • Red Hat OpenShift
    • Red Hat Ansible Automation Platform
    All Products

    Downloads and Containers

    • Downloads
    • Packages
    • Containers

    Top Resources

    • Documentation
    • Product Life Cycles
    • Product Compliance
    • Errata
  • Knowledge

    Red Hat Knowledge Center

    • Knowledgebase Solutions
    • Knowledgebase Articles
    • Customer Portal Labs
    • Errata

    Top Product Docs

    • Red Hat Enterprise Linux
    • Red Hat OpenShift
    • Red Hat Ansible Automation Platform
    All Product Docs

    Training and Certification

    • About
    • Course Index
    • Certification Index
    • Skill Assessment
  • Security

    Red Hat Product Security Center

    • Security Updates
    • Security Advisories
    • Red Hat CVE Database
    • Errata

    References

    • Security Bulletins
    • Security Measurement
    • Severity Ratings
    • Security Data

    Top Resources

    • Security Labs
    • Backporting Policies
    • Security Blog
  • Support

    Red Hat Support

    • Support Cases
    • Troubleshoot
    • Get Support
    • Contact Red Hat Support

    Red Hat Community Support

    • Customer Portal Community
    • Community Discussions
    • Red Hat Accelerator Program

    Top Resources

    • Product Life Cycles
    • Customer Portal Labs
    • Red Hat JBoss Supported Configurations
    • Red Hat Insights
Or troubleshoot an issue.

Select Your Language

  • English
  • Français
  • 한국어
  • 日本語
  • 中文 (中国)

Infrastructure and Management

  • Red Hat Enterprise Linux
  • Red Hat Satellite
  • Red Hat Subscription Management
  • Red Hat Insights
  • Red Hat Ansible Automation Platform

Cloud Computing

  • Red Hat OpenShift
  • Red Hat OpenStack Platform
  • Red Hat OpenShift
  • Red Hat OpenShift AI
  • Red Hat OpenShift Dedicated
  • Red Hat Advanced Cluster Security for Kubernetes
  • Red Hat Advanced Cluster Management for Kubernetes
  • Red Hat Quay
  • Red Hat OpenShift Dev Spaces
  • Red Hat OpenShift Service on AWS

Storage

  • Red Hat Gluster Storage
  • Red Hat Hyperconverged Infrastructure
  • Red Hat Ceph Storage
  • Red Hat OpenShift Data Foundation

Runtimes

  • Red Hat Runtimes
  • Red Hat JBoss Enterprise Application Platform
  • Red Hat Data Grid
  • Red Hat JBoss Web Server
  • Red Hat build of Keycloak
  • Red Hat support for Spring Boot
  • Red Hat build of Node.js
  • Red Hat build of Quarkus

Integration and Automation

  • Red Hat Application Foundations
  • Red Hat Fuse
  • Red Hat AMQ
  • Red Hat 3scale API Management
All Products
Red Hat Product Errata RHSA-2020:0892 - Security Advisory
Issued:
2020-03-18
Updated:
2020-03-18

RHSA-2020:0892 - Security Advisory

  • Overview
  • Updated Packages

Synopsis

Important: zsh security update

Type/Severity

Security Advisory: Important

Red Hat Insights patch analysis

Identify and remediate systems affected by this advisory.

View affected systems

Topic

An update for zsh is now available for Red Hat Enterprise Linux 6.

Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

Description

The zsh shell is a command interpreter usable as an interactive login shell and as a shell script command processor. Zsh resembles the ksh shell (the Korn shell), but includes many enhancements. Zsh supports command-line editing, built-in spelling correction, programmable command completion, shell functions (with autoloading), a history mechanism, and more.

Security Fix(es):

  • zsh: insecure dropping of privileges when unsetting PRIVILEGED option (CVE-2019-20044)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Solution

For details on how to apply this update, which includes the changes described in this advisory, refer to:

https://access.redhat.com/articles/11258

Affected Products

  • Red Hat Enterprise Linux Server 6 x86_64
  • Red Hat Enterprise Linux Server 6 i386
  • Red Hat Enterprise Linux Server - Extended Life Cycle Support 6 x86_64
  • Red Hat Enterprise Linux Server - Extended Life Cycle Support 6 i386
  • Red Hat Enterprise Linux Workstation 6 x86_64
  • Red Hat Enterprise Linux Workstation 6 i386
  • Red Hat Enterprise Linux Desktop 6 x86_64
  • Red Hat Enterprise Linux Desktop 6 i386
  • Red Hat Enterprise Linux for IBM z Systems 6 s390x
  • Red Hat Enterprise Linux for Power, big endian 6 ppc64
  • Red Hat Enterprise Linux for Scientific Computing 6 x86_64
  • Red Hat Enterprise Linux Server - Extended Life Cycle Support (for IBM z Systems) 6 s390x
  • Red Hat Enterprise Linux Server - Extended Life Cycle Support Extension 6 x86_64
  • Red Hat Enterprise Linux Server - Extended Life Cycle Support Extension 6 i386
  • Red Hat Enterprise Linux Server - Extended Life Cycle Support Extension (for IBM z Systems) 6 s390x

Fixes

  • BZ - 1804859 - CVE-2019-20044 zsh: insecure dropping of privileges when unsetting PRIVILEGED option

CVEs

  • CVE-2019-20044

References

  • https://access.redhat.com/security/updates/classification/#important
Note: More recent versions of these packages may be available. Click a package name for more details.

Red Hat Enterprise Linux Server 6

SRPM
zsh-4.3.11-11.el6_10.src.rpm SHA-256: 969fffbb3b92c7ada649691eb483fbd4c3552dd6f26e43315ad7758506a9d2dd
x86_64
zsh-4.3.11-11.el6_10.x86_64.rpm SHA-256: b1aa0931514993655ec96d86635386b37121d7cea28a89b872fb926fa37a0a50
zsh-4.3.11-11.el6_10.x86_64.rpm SHA-256: b1aa0931514993655ec96d86635386b37121d7cea28a89b872fb926fa37a0a50
zsh-debuginfo-4.3.11-11.el6_10.x86_64.rpm SHA-256: 592b12b1e4388a20d79e6f7d4ce1cd6deb7645be79d4a82d9c2ab4d77b204192
zsh-debuginfo-4.3.11-11.el6_10.x86_64.rpm SHA-256: 592b12b1e4388a20d79e6f7d4ce1cd6deb7645be79d4a82d9c2ab4d77b204192
zsh-debuginfo-4.3.11-11.el6_10.x86_64.rpm SHA-256: 592b12b1e4388a20d79e6f7d4ce1cd6deb7645be79d4a82d9c2ab4d77b204192
zsh-html-4.3.11-11.el6_10.x86_64.rpm SHA-256: 99c3e89dc9f1caa30d927d2fa7a041491fda365ed4494b9ac7424f1e1cb8cb8a
zsh-html-4.3.11-11.el6_10.x86_64.rpm SHA-256: 99c3e89dc9f1caa30d927d2fa7a041491fda365ed4494b9ac7424f1e1cb8cb8a
i386
zsh-4.3.11-11.el6_10.i686.rpm SHA-256: 722101a5a59223f1dbc06367ffed24e8b9bd2f1f58126c0ef4db4725cb0015bf
zsh-debuginfo-4.3.11-11.el6_10.i686.rpm SHA-256: 47c3a550e45f873bb1ece0e9b91dd4dce04c56140fa36b5434b13d8aafbc1eee
zsh-debuginfo-4.3.11-11.el6_10.i686.rpm SHA-256: 47c3a550e45f873bb1ece0e9b91dd4dce04c56140fa36b5434b13d8aafbc1eee
zsh-html-4.3.11-11.el6_10.i686.rpm SHA-256: 1ef43eddfc105721c0882c477321c13c5a0b03d0866ce0760a4e2db236622c0c

Red Hat Enterprise Linux Server - Extended Life Cycle Support 6

SRPM
zsh-4.3.11-11.el6_10.src.rpm SHA-256: 969fffbb3b92c7ada649691eb483fbd4c3552dd6f26e43315ad7758506a9d2dd
x86_64
zsh-4.3.11-11.el6_10.x86_64.rpm SHA-256: b1aa0931514993655ec96d86635386b37121d7cea28a89b872fb926fa37a0a50
zsh-debuginfo-4.3.11-11.el6_10.x86_64.rpm SHA-256: 592b12b1e4388a20d79e6f7d4ce1cd6deb7645be79d4a82d9c2ab4d77b204192
zsh-debuginfo-4.3.11-11.el6_10.x86_64.rpm SHA-256: 592b12b1e4388a20d79e6f7d4ce1cd6deb7645be79d4a82d9c2ab4d77b204192
zsh-html-4.3.11-11.el6_10.x86_64.rpm SHA-256: 99c3e89dc9f1caa30d927d2fa7a041491fda365ed4494b9ac7424f1e1cb8cb8a
i386
zsh-4.3.11-11.el6_10.i686.rpm SHA-256: 722101a5a59223f1dbc06367ffed24e8b9bd2f1f58126c0ef4db4725cb0015bf
zsh-debuginfo-4.3.11-11.el6_10.i686.rpm SHA-256: 47c3a550e45f873bb1ece0e9b91dd4dce04c56140fa36b5434b13d8aafbc1eee
zsh-debuginfo-4.3.11-11.el6_10.i686.rpm SHA-256: 47c3a550e45f873bb1ece0e9b91dd4dce04c56140fa36b5434b13d8aafbc1eee
zsh-html-4.3.11-11.el6_10.i686.rpm SHA-256: 1ef43eddfc105721c0882c477321c13c5a0b03d0866ce0760a4e2db236622c0c

Red Hat Enterprise Linux Workstation 6

SRPM
zsh-4.3.11-11.el6_10.src.rpm SHA-256: 969fffbb3b92c7ada649691eb483fbd4c3552dd6f26e43315ad7758506a9d2dd
x86_64
zsh-4.3.11-11.el6_10.x86_64.rpm SHA-256: b1aa0931514993655ec96d86635386b37121d7cea28a89b872fb926fa37a0a50
zsh-debuginfo-4.3.11-11.el6_10.x86_64.rpm SHA-256: 592b12b1e4388a20d79e6f7d4ce1cd6deb7645be79d4a82d9c2ab4d77b204192
zsh-debuginfo-4.3.11-11.el6_10.x86_64.rpm SHA-256: 592b12b1e4388a20d79e6f7d4ce1cd6deb7645be79d4a82d9c2ab4d77b204192
zsh-html-4.3.11-11.el6_10.x86_64.rpm SHA-256: 99c3e89dc9f1caa30d927d2fa7a041491fda365ed4494b9ac7424f1e1cb8cb8a
i386
zsh-4.3.11-11.el6_10.i686.rpm SHA-256: 722101a5a59223f1dbc06367ffed24e8b9bd2f1f58126c0ef4db4725cb0015bf
zsh-debuginfo-4.3.11-11.el6_10.i686.rpm SHA-256: 47c3a550e45f873bb1ece0e9b91dd4dce04c56140fa36b5434b13d8aafbc1eee
zsh-debuginfo-4.3.11-11.el6_10.i686.rpm SHA-256: 47c3a550e45f873bb1ece0e9b91dd4dce04c56140fa36b5434b13d8aafbc1eee
zsh-html-4.3.11-11.el6_10.i686.rpm SHA-256: 1ef43eddfc105721c0882c477321c13c5a0b03d0866ce0760a4e2db236622c0c

Red Hat Enterprise Linux Desktop 6

SRPM
zsh-4.3.11-11.el6_10.src.rpm SHA-256: 969fffbb3b92c7ada649691eb483fbd4c3552dd6f26e43315ad7758506a9d2dd
x86_64
zsh-4.3.11-11.el6_10.x86_64.rpm SHA-256: b1aa0931514993655ec96d86635386b37121d7cea28a89b872fb926fa37a0a50
zsh-debuginfo-4.3.11-11.el6_10.x86_64.rpm SHA-256: 592b12b1e4388a20d79e6f7d4ce1cd6deb7645be79d4a82d9c2ab4d77b204192
zsh-debuginfo-4.3.11-11.el6_10.x86_64.rpm SHA-256: 592b12b1e4388a20d79e6f7d4ce1cd6deb7645be79d4a82d9c2ab4d77b204192
zsh-html-4.3.11-11.el6_10.x86_64.rpm SHA-256: 99c3e89dc9f1caa30d927d2fa7a041491fda365ed4494b9ac7424f1e1cb8cb8a
i386
zsh-4.3.11-11.el6_10.i686.rpm SHA-256: 722101a5a59223f1dbc06367ffed24e8b9bd2f1f58126c0ef4db4725cb0015bf
zsh-debuginfo-4.3.11-11.el6_10.i686.rpm SHA-256: 47c3a550e45f873bb1ece0e9b91dd4dce04c56140fa36b5434b13d8aafbc1eee
zsh-debuginfo-4.3.11-11.el6_10.i686.rpm SHA-256: 47c3a550e45f873bb1ece0e9b91dd4dce04c56140fa36b5434b13d8aafbc1eee
zsh-html-4.3.11-11.el6_10.i686.rpm SHA-256: 1ef43eddfc105721c0882c477321c13c5a0b03d0866ce0760a4e2db236622c0c

Red Hat Enterprise Linux for IBM z Systems 6

SRPM
zsh-4.3.11-11.el6_10.src.rpm SHA-256: 969fffbb3b92c7ada649691eb483fbd4c3552dd6f26e43315ad7758506a9d2dd
s390x
zsh-4.3.11-11.el6_10.s390x.rpm SHA-256: 7c2fd5943d41ce7ff62803d2612273ff8ab95db8379f91d1e4d791e0e0799273
zsh-debuginfo-4.3.11-11.el6_10.s390x.rpm SHA-256: 5ebd50d4ccf8fec513e53e69fe57cb87eb8497110687bedf2f04e780540ea36c
zsh-debuginfo-4.3.11-11.el6_10.s390x.rpm SHA-256: 5ebd50d4ccf8fec513e53e69fe57cb87eb8497110687bedf2f04e780540ea36c
zsh-html-4.3.11-11.el6_10.s390x.rpm SHA-256: 5961b282f1bd43c837e5b0a5f39ee5c84516bed9ae1addf0c9fbd85d763d0dd4

Red Hat Enterprise Linux for Power, big endian 6

SRPM
zsh-4.3.11-11.el6_10.src.rpm SHA-256: 969fffbb3b92c7ada649691eb483fbd4c3552dd6f26e43315ad7758506a9d2dd
ppc64
zsh-4.3.11-11.el6_10.ppc64.rpm SHA-256: 80f1787c1bdd527ee47966505073c81fcec0914684ee1888332083eb57cc06b9
zsh-debuginfo-4.3.11-11.el6_10.ppc64.rpm SHA-256: 3017718e487adf8932de10deea9344d4110b42ca19fcc2330eeb9bfca6626c23
zsh-debuginfo-4.3.11-11.el6_10.ppc64.rpm SHA-256: 3017718e487adf8932de10deea9344d4110b42ca19fcc2330eeb9bfca6626c23
zsh-html-4.3.11-11.el6_10.ppc64.rpm SHA-256: 11eedbd01b1a8cce31c720347f11d5e058420daa797efc0b1982fcdaabc52834

Red Hat Enterprise Linux for Scientific Computing 6

SRPM
zsh-4.3.11-11.el6_10.src.rpm SHA-256: 969fffbb3b92c7ada649691eb483fbd4c3552dd6f26e43315ad7758506a9d2dd
x86_64
zsh-4.3.11-11.el6_10.x86_64.rpm SHA-256: b1aa0931514993655ec96d86635386b37121d7cea28a89b872fb926fa37a0a50
zsh-debuginfo-4.3.11-11.el6_10.x86_64.rpm SHA-256: 592b12b1e4388a20d79e6f7d4ce1cd6deb7645be79d4a82d9c2ab4d77b204192
zsh-debuginfo-4.3.11-11.el6_10.x86_64.rpm SHA-256: 592b12b1e4388a20d79e6f7d4ce1cd6deb7645be79d4a82d9c2ab4d77b204192
zsh-html-4.3.11-11.el6_10.x86_64.rpm SHA-256: 99c3e89dc9f1caa30d927d2fa7a041491fda365ed4494b9ac7424f1e1cb8cb8a

Red Hat Enterprise Linux Server - Extended Life Cycle Support (for IBM z Systems) 6

SRPM
zsh-4.3.11-11.el6_10.src.rpm SHA-256: 969fffbb3b92c7ada649691eb483fbd4c3552dd6f26e43315ad7758506a9d2dd
s390x
zsh-4.3.11-11.el6_10.s390x.rpm SHA-256: 7c2fd5943d41ce7ff62803d2612273ff8ab95db8379f91d1e4d791e0e0799273
zsh-debuginfo-4.3.11-11.el6_10.s390x.rpm SHA-256: 5ebd50d4ccf8fec513e53e69fe57cb87eb8497110687bedf2f04e780540ea36c
zsh-debuginfo-4.3.11-11.el6_10.s390x.rpm SHA-256: 5ebd50d4ccf8fec513e53e69fe57cb87eb8497110687bedf2f04e780540ea36c
zsh-html-4.3.11-11.el6_10.s390x.rpm SHA-256: 5961b282f1bd43c837e5b0a5f39ee5c84516bed9ae1addf0c9fbd85d763d0dd4

Red Hat Enterprise Linux Server - Extended Life Cycle Support Extension 6

SRPM
zsh-4.3.11-11.el6_10.src.rpm SHA-256: 969fffbb3b92c7ada649691eb483fbd4c3552dd6f26e43315ad7758506a9d2dd
x86_64
zsh-4.3.11-11.el6_10.x86_64.rpm SHA-256: b1aa0931514993655ec96d86635386b37121d7cea28a89b872fb926fa37a0a50
zsh-debuginfo-4.3.11-11.el6_10.x86_64.rpm SHA-256: 592b12b1e4388a20d79e6f7d4ce1cd6deb7645be79d4a82d9c2ab4d77b204192
zsh-debuginfo-4.3.11-11.el6_10.x86_64.rpm SHA-256: 592b12b1e4388a20d79e6f7d4ce1cd6deb7645be79d4a82d9c2ab4d77b204192
zsh-html-4.3.11-11.el6_10.x86_64.rpm SHA-256: 99c3e89dc9f1caa30d927d2fa7a041491fda365ed4494b9ac7424f1e1cb8cb8a
i386
zsh-4.3.11-11.el6_10.i686.rpm SHA-256: 722101a5a59223f1dbc06367ffed24e8b9bd2f1f58126c0ef4db4725cb0015bf
zsh-debuginfo-4.3.11-11.el6_10.i686.rpm SHA-256: 47c3a550e45f873bb1ece0e9b91dd4dce04c56140fa36b5434b13d8aafbc1eee
zsh-debuginfo-4.3.11-11.el6_10.i686.rpm SHA-256: 47c3a550e45f873bb1ece0e9b91dd4dce04c56140fa36b5434b13d8aafbc1eee
zsh-html-4.3.11-11.el6_10.i686.rpm SHA-256: 1ef43eddfc105721c0882c477321c13c5a0b03d0866ce0760a4e2db236622c0c

Red Hat Enterprise Linux Server - Extended Life Cycle Support Extension (for IBM z Systems) 6

SRPM
zsh-4.3.11-11.el6_10.src.rpm SHA-256: 969fffbb3b92c7ada649691eb483fbd4c3552dd6f26e43315ad7758506a9d2dd
s390x
zsh-4.3.11-11.el6_10.s390x.rpm SHA-256: 7c2fd5943d41ce7ff62803d2612273ff8ab95db8379f91d1e4d791e0e0799273
zsh-debuginfo-4.3.11-11.el6_10.s390x.rpm SHA-256: 5ebd50d4ccf8fec513e53e69fe57cb87eb8497110687bedf2f04e780540ea36c
zsh-debuginfo-4.3.11-11.el6_10.s390x.rpm SHA-256: 5ebd50d4ccf8fec513e53e69fe57cb87eb8497110687bedf2f04e780540ea36c
zsh-html-4.3.11-11.el6_10.s390x.rpm SHA-256: 5961b282f1bd43c837e5b0a5f39ee5c84516bed9ae1addf0c9fbd85d763d0dd4

The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/.

Red Hat LinkedIn YouTube Facebook X, formerly Twitter

Quick Links

  • Downloads
  • Subscriptions
  • Support Cases
  • Customer Service
  • Product Documentation

Help

  • Contact Us
  • Customer Portal FAQ
  • Log-in Assistance

Site Info

  • Trust Red Hat
  • Browser Support Policy
  • Accessibility
  • Awards and Recognition
  • Colophon

Related Sites

  • redhat.com
  • developers.redhat.com
  • connect.redhat.com
  • cloud.redhat.com

Red Hat legal and privacy links

  • About Red Hat
  • Jobs
  • Events
  • Locations
  • Contact Red Hat
  • Red Hat Blog
  • Inclusion at Red Hat
  • Cool Stuff Store
  • Red Hat Summit
© 2025 Red Hat

Red Hat legal and privacy links

  • Privacy statement
  • Terms of use
  • All policies and guidelines
  • Digital accessibility