CLSA-2025-1761673667

See a problem?
Import Source
https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/debian10els/CLSA-2025-1761673667.json
JSON Data
https://api.test.osv.dev/v1/vulns/CLSA-2025-1761673667
Upstream
Published
2025-10-28T17:47:51Z
Modified
2026-06-04T09:45:07.414151073Z
Summary
Fix CVE(s): CVE-2019-20044
Details
  • SECURITY UPDATE: insecure privilege dropping vulnerability
    • debian/patches/CVE-2019-20044-*.patch: improve error handling in setopt command, add OpenSSH-based setresuid/setresgid wrappers, simplify and secure privilege dropping logic, add comprehensive tests for PRIVILEGED option
    • CVE-2019-20044
References

Affected packages

TuxCare:Debian:10 / zsh

Package

Name
zsh
Purl
pkg:deb/tuxcare/zsh?distro=debian-10

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
5.7.1-1+deb10u1+tuxcare.els1

Database specific

source 
"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/debian10els/CLSA-2025-1761673667.json"

TuxCare:Debian:10 / zsh-common

Package

Name
zsh-common
Purl
pkg:deb/tuxcare/zsh-common?distro=debian-10

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
5.7.1-1+deb10u1+tuxcare.els1

Database specific

source 
"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/debian10els/CLSA-2025-1761673667.json"

TuxCare:Debian:10 / zsh-dev

Package

Name
zsh-dev
Purl
pkg:deb/tuxcare/zsh-dev?distro=debian-10

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
5.7.1-1+deb10u1+tuxcare.els1

Database specific

source 
"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/debian10els/CLSA-2025-1761673667.json"

TuxCare:Debian:10 / zsh-doc

Package

Name
zsh-doc
Purl
pkg:deb/tuxcare/zsh-doc?distro=debian-10

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
5.7.1-1+deb10u1+tuxcare.els1

Database specific

source 
"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/debian10els/CLSA-2025-1761673667.json"

TuxCare:Debian:10 / zsh-static

Package

Name
zsh-static
Purl
pkg:deb/tuxcare/zsh-static?distro=debian-10

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
5.7.1-1+deb10u1+tuxcare.els1

Database specific

source 
"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/debian10els/CLSA-2025-1761673667.json"