Skip to navigation Skip to main content

Utilities

  • Subscriptions
  • Downloads
  • Containers
  • Support Cases
Red Hat Customer Portal
  • Subscriptions
  • Downloads
  • Containers
  • Support Cases
  • Products & Services

    Products

    Support

    • Production Support
    • Development Support
    • Product Life Cycles

    Services

    • Consulting
    • Technical Account Management
    • Training & Certifications

    Documentation

    • Red Hat Enterprise Linux
    • Red Hat JBoss Enterprise Application Platform
    • Red Hat OpenStack Platform
    • Red Hat OpenShift Container Platform
    All Documentation

    Ecosystem Catalog

    • Red Hat Partner Ecosystem
    • Partner Resources
  • Tools

    Tools

    • Troubleshoot a product issue
    • Packages
    • Errata

    Customer Portal Labs

    • Configuration
    • Deployment
    • Security
    • Troubleshoot
    All labs

    Red Hat Insights

    Increase visibility into IT operations to detect and resolve technical issues before they impact your business.

    Learn More
    Go to Insights
  • Security

    Red Hat Product Security Center

    Engage with our Red Hat Product Security team, access security updates, and ensure your environments are not exposed to any known security vulnerabilities.

    Product Security Center

    Security Updates

    • Security Advisories
    • Red Hat CVE Database
    • Security Labs

    Keep your systems secure with Red Hat's specialized responses to security vulnerabilities.

    View Responses

    Resources

    • Security Blog
    • Security Measurement
    • Severity Ratings
    • Backporting Policies
    • Product Signing (GPG) Keys
  • Community

    Customer Portal Community

    • Discussions
    • Private Groups
    Community Activity

    Customer Events

    • Red Hat Convergence
    • Red Hat Summit

    Stories

    • Red Hat Subscription Value
    • You Asked. We Acted.
    • Open Source Communities
Or troubleshoot an issue.

Select Your Language

  • English
  • 한국어
  • 日本語
  • 中文 (中国)

Infrastructure and Management

  • Red Hat Enterprise Linux
  • Red Hat Virtualization
  • Red Hat Identity Management
  • Red Hat Directory Server
  • Red Hat Certificate System
  • Red Hat Satellite
  • Red Hat Subscription Management
  • Red Hat Update Infrastructure
  • Red Hat Insights
  • Red Hat Ansible Automation Platform

Cloud Computing

  • Red Hat OpenShift
  • Red Hat CloudForms
  • Red Hat OpenStack Platform
  • Red Hat OpenShift Container Platform
  • Red Hat OpenShift Data Science
  • Red Hat OpenShift Online
  • Red Hat OpenShift Dedicated
  • Red Hat Advanced Cluster Security for Kubernetes
  • Red Hat Advanced Cluster Management for Kubernetes
  • Red Hat Quay
  • Red Hat CodeReady Workspaces
  • Red Hat OpenShift Service on AWS

Storage

  • Red Hat Gluster Storage
  • Red Hat Hyperconverged Infrastructure
  • Red Hat Ceph Storage
  • Red Hat OpenShift Data Foundation

Runtimes

  • Red Hat Runtimes
  • Red Hat JBoss Enterprise Application Platform
  • Red Hat Data Grid
  • Red Hat JBoss Web Server
  • Red Hat Single Sign On
  • Red Hat support for Spring Boot
  • Red Hat build of Node.js
  • Red Hat build of Thorntail
  • Red Hat build of Eclipse Vert.x
  • Red Hat build of OpenJDK
  • Red Hat build of Quarkus

Integration and Automation

  • Red Hat Integration
  • Red Hat Fuse
  • Red Hat AMQ
  • Red Hat 3scale API Management
  • Red Hat JBoss Data Virtualization
  • Red Hat Process Automation
  • Red Hat Process Automation Manager
  • Red Hat Decision Manager
All Products
Red Hat Product Errata RHSA-2022:2120 - Security Advisory
Issued:
2022-05-10
Updated:
2022-05-10

RHSA-2022:2120 - Security Advisory

  • Overview
  • Updated Packages

Synopsis

Moderate: zsh security update

Type/Severity

Security Advisory: Moderate

Red Hat Insights patch analysis

Identify and remediate systems affected by this advisory.

View affected systems

Topic

An update for zsh is now available for Red Hat Enterprise Linux 8.

Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

Description

The zsh shell is a command interpreter usable as an interactive login shell and as a shell script command processor. Zsh resembles the ksh shell (the Korn shell), but includes many enhancements. Zsh supports command-line editing, built-in spelling correction, programmable command completion, shell functions (with autoloading), a history mechanism, and more.

Security Fix(es):

  • zsh: Prompt expansion vulnerability (CVE-2021-45444)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Additional Changes:

For detailed information on changes in this release, see the Red Hat Enterprise Linux 8.6 Release Notes linked from the References section.

Solution

For details on how to apply this update, which includes the changes described in this advisory, refer to:

https://access.redhat.com/articles/11258

Affected Products

  • Red Hat Enterprise Linux for x86_64 8 x86_64
  • Red Hat Enterprise Linux for x86_64 - Extended Update Support 8.6 x86_64
  • Red Hat Enterprise Linux Server - AUS 8.6 x86_64
  • Red Hat Enterprise Linux for IBM z Systems 8 s390x
  • Red Hat Enterprise Linux for IBM z Systems - Extended Update Support 8.6 s390x
  • Red Hat Enterprise Linux for Power, little endian 8 ppc64le
  • Red Hat Enterprise Linux for Power, little endian - Extended Update Support 8.6 ppc64le
  • Red Hat Enterprise Linux Server - TUS 8.6 x86_64
  • Red Hat Enterprise Linux for ARM 64 8 aarch64
  • Red Hat Enterprise Linux for ARM 64 - Extended Update Support 8.6 aarch64
  • Red Hat Enterprise Linux Server for Power LE - Update Services for SAP Solutions 8.6 ppc64le
  • Red Hat Enterprise Linux for x86_64 - Update Services for SAP Solutions 8.6 x86_64

Fixes

  • BZ - 2054089 - CVE-2021-45444 zsh: Prompt expansion vulnerability

CVEs

  • CVE-2021-45444

References

  • https://access.redhat.com/security/updates/classification/#moderate
  • https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/8/html/8.6_release_notes/
Note: More recent versions of these packages may be available. Click a package name for more details.

Red Hat Enterprise Linux for x86_64 8

SRPM
zsh-5.5.1-9.el8.src.rpm SHA-256: 107a9f99e268fbf71fb89d409030b972cd593fb04ef2206687f9a9748cc4e5d3
x86_64
zsh-5.5.1-9.el8.x86_64.rpm SHA-256: c5b6b0a1d24c6fb3bc4dc24a6f6a52ec62e946374a7e8819237744b5c9c52723
zsh-debuginfo-5.5.1-9.el8.x86_64.rpm SHA-256: 427cba64ff56da394ebbfc8ae5525ed68692b1be3afc78a062ad4bc6f43f601b
zsh-debugsource-5.5.1-9.el8.x86_64.rpm SHA-256: 449c9e1b50dc8b4e100ddab880f864c732cfd26bd4cada2a7d7482ea526b38c5
zsh-html-5.5.1-9.el8.noarch.rpm SHA-256: c4080c5dde0acd55e5a2ea1604e5b327113fdd8cc9b1773eae096487d37b4834

Red Hat Enterprise Linux for x86_64 - Extended Update Support 8.6

SRPM
zsh-5.5.1-9.el8.src.rpm SHA-256: 107a9f99e268fbf71fb89d409030b972cd593fb04ef2206687f9a9748cc4e5d3
x86_64
zsh-5.5.1-9.el8.x86_64.rpm SHA-256: c5b6b0a1d24c6fb3bc4dc24a6f6a52ec62e946374a7e8819237744b5c9c52723
zsh-debuginfo-5.5.1-9.el8.x86_64.rpm SHA-256: 427cba64ff56da394ebbfc8ae5525ed68692b1be3afc78a062ad4bc6f43f601b
zsh-debugsource-5.5.1-9.el8.x86_64.rpm SHA-256: 449c9e1b50dc8b4e100ddab880f864c732cfd26bd4cada2a7d7482ea526b38c5
zsh-html-5.5.1-9.el8.noarch.rpm SHA-256: c4080c5dde0acd55e5a2ea1604e5b327113fdd8cc9b1773eae096487d37b4834

Red Hat Enterprise Linux Server - AUS 8.6

SRPM
zsh-5.5.1-9.el8.src.rpm SHA-256: 107a9f99e268fbf71fb89d409030b972cd593fb04ef2206687f9a9748cc4e5d3
x86_64
zsh-5.5.1-9.el8.x86_64.rpm SHA-256: c5b6b0a1d24c6fb3bc4dc24a6f6a52ec62e946374a7e8819237744b5c9c52723
zsh-debuginfo-5.5.1-9.el8.x86_64.rpm SHA-256: 427cba64ff56da394ebbfc8ae5525ed68692b1be3afc78a062ad4bc6f43f601b
zsh-debugsource-5.5.1-9.el8.x86_64.rpm SHA-256: 449c9e1b50dc8b4e100ddab880f864c732cfd26bd4cada2a7d7482ea526b38c5
zsh-html-5.5.1-9.el8.noarch.rpm SHA-256: c4080c5dde0acd55e5a2ea1604e5b327113fdd8cc9b1773eae096487d37b4834

Red Hat Enterprise Linux for IBM z Systems 8

SRPM
zsh-5.5.1-9.el8.src.rpm SHA-256: 107a9f99e268fbf71fb89d409030b972cd593fb04ef2206687f9a9748cc4e5d3
s390x
zsh-5.5.1-9.el8.s390x.rpm SHA-256: 6f8d58fac03bc043872ad90019340ffc8291794e338cb84a729763456df59ffc
zsh-debuginfo-5.5.1-9.el8.s390x.rpm SHA-256: 8a5cf4c912213ebfe73ce578ebf80b04de1ad20d84953df62c83e36f3b9f4881
zsh-debugsource-5.5.1-9.el8.s390x.rpm SHA-256: 14804e03208a233297366aa7267d3c296b34439778442e361c8b192914aa8679
zsh-html-5.5.1-9.el8.noarch.rpm SHA-256: c4080c5dde0acd55e5a2ea1604e5b327113fdd8cc9b1773eae096487d37b4834

Red Hat Enterprise Linux for IBM z Systems - Extended Update Support 8.6

SRPM
zsh-5.5.1-9.el8.src.rpm SHA-256: 107a9f99e268fbf71fb89d409030b972cd593fb04ef2206687f9a9748cc4e5d3
s390x
zsh-5.5.1-9.el8.s390x.rpm SHA-256: 6f8d58fac03bc043872ad90019340ffc8291794e338cb84a729763456df59ffc
zsh-debuginfo-5.5.1-9.el8.s390x.rpm SHA-256: 8a5cf4c912213ebfe73ce578ebf80b04de1ad20d84953df62c83e36f3b9f4881
zsh-debugsource-5.5.1-9.el8.s390x.rpm SHA-256: 14804e03208a233297366aa7267d3c296b34439778442e361c8b192914aa8679
zsh-html-5.5.1-9.el8.noarch.rpm SHA-256: c4080c5dde0acd55e5a2ea1604e5b327113fdd8cc9b1773eae096487d37b4834

Red Hat Enterprise Linux for Power, little endian 8

SRPM
zsh-5.5.1-9.el8.src.rpm SHA-256: 107a9f99e268fbf71fb89d409030b972cd593fb04ef2206687f9a9748cc4e5d3
ppc64le
zsh-5.5.1-9.el8.ppc64le.rpm SHA-256: b23412305e5e3bf230f18925bc4e8f42ef5e5a8ccdeb4da39da015d7d1e638ee
zsh-debuginfo-5.5.1-9.el8.ppc64le.rpm SHA-256: d6fcad306a0ca74637b8f87759ed60979359942bda7b44299d04957c25d52b6f
zsh-debugsource-5.5.1-9.el8.ppc64le.rpm SHA-256: 96c5aa0fb898e30e958679cd115e43b21d307a2952842e1fa1ccc53ee2c6b917
zsh-html-5.5.1-9.el8.noarch.rpm SHA-256: c4080c5dde0acd55e5a2ea1604e5b327113fdd8cc9b1773eae096487d37b4834

Red Hat Enterprise Linux for Power, little endian - Extended Update Support 8.6

SRPM
zsh-5.5.1-9.el8.src.rpm SHA-256: 107a9f99e268fbf71fb89d409030b972cd593fb04ef2206687f9a9748cc4e5d3
ppc64le
zsh-5.5.1-9.el8.ppc64le.rpm SHA-256: b23412305e5e3bf230f18925bc4e8f42ef5e5a8ccdeb4da39da015d7d1e638ee
zsh-debuginfo-5.5.1-9.el8.ppc64le.rpm SHA-256: d6fcad306a0ca74637b8f87759ed60979359942bda7b44299d04957c25d52b6f
zsh-debugsource-5.5.1-9.el8.ppc64le.rpm SHA-256: 96c5aa0fb898e30e958679cd115e43b21d307a2952842e1fa1ccc53ee2c6b917
zsh-html-5.5.1-9.el8.noarch.rpm SHA-256: c4080c5dde0acd55e5a2ea1604e5b327113fdd8cc9b1773eae096487d37b4834

Red Hat Enterprise Linux Server - TUS 8.6

SRPM
zsh-5.5.1-9.el8.src.rpm SHA-256: 107a9f99e268fbf71fb89d409030b972cd593fb04ef2206687f9a9748cc4e5d3
x86_64
zsh-5.5.1-9.el8.x86_64.rpm SHA-256: c5b6b0a1d24c6fb3bc4dc24a6f6a52ec62e946374a7e8819237744b5c9c52723
zsh-debuginfo-5.5.1-9.el8.x86_64.rpm SHA-256: 427cba64ff56da394ebbfc8ae5525ed68692b1be3afc78a062ad4bc6f43f601b
zsh-debugsource-5.5.1-9.el8.x86_64.rpm SHA-256: 449c9e1b50dc8b4e100ddab880f864c732cfd26bd4cada2a7d7482ea526b38c5
zsh-html-5.5.1-9.el8.noarch.rpm SHA-256: c4080c5dde0acd55e5a2ea1604e5b327113fdd8cc9b1773eae096487d37b4834

Red Hat Enterprise Linux for ARM 64 8

SRPM
zsh-5.5.1-9.el8.src.rpm SHA-256: 107a9f99e268fbf71fb89d409030b972cd593fb04ef2206687f9a9748cc4e5d3
aarch64
zsh-5.5.1-9.el8.aarch64.rpm SHA-256: 7484e1226cd61b42b1915de633850265deb47f2801a4b1a65e2650a51df5b07c
zsh-debuginfo-5.5.1-9.el8.aarch64.rpm SHA-256: da6ae321ab5ba2c907e4b49f72e034d9d48686ea3fd64807692c3e141b806c67
zsh-debugsource-5.5.1-9.el8.aarch64.rpm SHA-256: 14c62d1883acf19bb28a09465e6f5d7d67a77e1a4bb3611993711287dcc32f25
zsh-html-5.5.1-9.el8.noarch.rpm SHA-256: c4080c5dde0acd55e5a2ea1604e5b327113fdd8cc9b1773eae096487d37b4834

Red Hat Enterprise Linux for ARM 64 - Extended Update Support 8.6

SRPM
zsh-5.5.1-9.el8.src.rpm SHA-256: 107a9f99e268fbf71fb89d409030b972cd593fb04ef2206687f9a9748cc4e5d3
aarch64
zsh-5.5.1-9.el8.aarch64.rpm SHA-256: 7484e1226cd61b42b1915de633850265deb47f2801a4b1a65e2650a51df5b07c
zsh-debuginfo-5.5.1-9.el8.aarch64.rpm SHA-256: da6ae321ab5ba2c907e4b49f72e034d9d48686ea3fd64807692c3e141b806c67
zsh-debugsource-5.5.1-9.el8.aarch64.rpm SHA-256: 14c62d1883acf19bb28a09465e6f5d7d67a77e1a4bb3611993711287dcc32f25
zsh-html-5.5.1-9.el8.noarch.rpm SHA-256: c4080c5dde0acd55e5a2ea1604e5b327113fdd8cc9b1773eae096487d37b4834

Red Hat Enterprise Linux Server for Power LE - Update Services for SAP Solutions 8.6

SRPM
zsh-5.5.1-9.el8.src.rpm SHA-256: 107a9f99e268fbf71fb89d409030b972cd593fb04ef2206687f9a9748cc4e5d3
ppc64le
zsh-5.5.1-9.el8.ppc64le.rpm SHA-256: b23412305e5e3bf230f18925bc4e8f42ef5e5a8ccdeb4da39da015d7d1e638ee
zsh-debuginfo-5.5.1-9.el8.ppc64le.rpm SHA-256: d6fcad306a0ca74637b8f87759ed60979359942bda7b44299d04957c25d52b6f
zsh-debugsource-5.5.1-9.el8.ppc64le.rpm SHA-256: 96c5aa0fb898e30e958679cd115e43b21d307a2952842e1fa1ccc53ee2c6b917
zsh-html-5.5.1-9.el8.noarch.rpm SHA-256: c4080c5dde0acd55e5a2ea1604e5b327113fdd8cc9b1773eae096487d37b4834

Red Hat Enterprise Linux for x86_64 - Update Services for SAP Solutions 8.6

SRPM
zsh-5.5.1-9.el8.src.rpm SHA-256: 107a9f99e268fbf71fb89d409030b972cd593fb04ef2206687f9a9748cc4e5d3
x86_64
zsh-5.5.1-9.el8.x86_64.rpm SHA-256: c5b6b0a1d24c6fb3bc4dc24a6f6a52ec62e946374a7e8819237744b5c9c52723
zsh-debuginfo-5.5.1-9.el8.x86_64.rpm SHA-256: 427cba64ff56da394ebbfc8ae5525ed68692b1be3afc78a062ad4bc6f43f601b
zsh-debugsource-5.5.1-9.el8.x86_64.rpm SHA-256: 449c9e1b50dc8b4e100ddab880f864c732cfd26bd4cada2a7d7482ea526b38c5
zsh-html-5.5.1-9.el8.noarch.rpm SHA-256: c4080c5dde0acd55e5a2ea1604e5b327113fdd8cc9b1773eae096487d37b4834

The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/.

Red Hat

Quick Links

  • Downloads
  • Subscriptions
  • Support Cases
  • Customer Service
  • Product Documentation

Help

  • Contact Us
  • Customer Portal FAQ
  • Log-in Assistance

Site Info

  • Trust Red Hat
  • Browser Support Policy
  • Accessibility
  • Awards and Recognition
  • Colophon

Related Sites

  • redhat.com
  • developers.redhat.com
  • connect.redhat.com
  • cloud.redhat.com

About

  • Red Hat Subscription Value
  • About Red Hat
  • Red Hat Jobs
Copyright © 2022 Red Hat, Inc.
  • Privacy Statement
  • Customer Portal Terms of Use
  • All Policies and Guidelines
Red Hat Summit
Twitter