Updated: zsh-5.0.7-1

Peter A. Castro doctor@fruitbat.org
Mon Apr 27 18:13:00 GMT 2015

An updated version of zsh (zsh-5.0.7-1) has been released and should be
at a mirror near you real soon.  This is an upstream release.


Version 5.0.7 has just been released for both 32-bit and 64-bit Cygwin.
This release contains several fixes, but is mostly to address the problem 
that existed in versions 5.0.6.


(From the release notes: http://zsh.sourceforge.net/releases.html)

Changes between versions 5.0.6 and 5.0.7

     Contains a security fix to disallow evaluation of the initial values 
of integer variables imported from the environment (they are instead 
treated as literal numbers). That could allow local privilege escalation, 
under some specific and atypical conditions where zsh is being invoked in 
privilege elevation contexts when the environment has not been properly 
sanitized, such as when zsh is invoked by sudo on systems where 
"env_reset" has been disabled.

     The default $fpath/$FPATH is now designed always to include 
/usr/local/share/zsh/site-functions. This directory does not need to 
exist. Sites that set an explicit site directory can put that in 
/etc/zshenv as before. The intention of the new path element is to 
increase the likelihood that locally added functions can be found with the 
shell running "out of the box", no matter how the shell was configured.

     In prompt strings, %e or the equivalent test %(e..) are used to output 
or test the execution / evaluation depth of a shell construct within 
functions etc. This is useful in $PS4.

     Redirections applied to function definitions take effect when the 
function is executed, not when it is defined. Other shells already work 
this way. For example, fn() { echo hello } >~/logfile Running fn writes 
"hello" to logfile. In older versions of the shell it would create an 
empty file at the point of definition.


See ChangeLogs for full details.


Zsh is a UNIX command interpreter (shell) usable as an interactive login
shell and as a shell script command processor.  Of the standard shells,
zsh most closely resembles `ksh' but includes many enhancements.  Zsh has
command line editing, builtin spelling correction, programmable command
completion, shell functions (with autoloading), a history mechanism, and
a host of other features.

To update your installation, click on the "Install Cygwin now" link on the
http://cygwin.com/ web page.  This downloads setup.exe to your system.
Save it and run setup, answer the questions and pick up 'zsh' in the
'Shell' category (you will have select it).

Note that downloads from sources.redhat.com (aka cygwin.com) aren't
allowed due to bandwidth limitations.  This means that you will need to
find a mirror which has this update, please choose the one nearest to you:

If you want to make a point or ask a question the Cygwin mailing list is
the appropriate place.

To unsubscribe from the cygwin-announce mailing list, look at the
"List-Unsubscribe: " tag in the email header of this message.  Send email
to the address specified there.  It will be in the format:

cygwin-announce-unsubscribe-YOU=YOURDOMAIN.COM at cygwin.com

If you need more information on unsubscribing, start reading here:


Please read *all* of the information on unsubscribing that is available
starting at that URL.

--=> Peter A. Castro
Email: doctor at fruitbat dot org / Peter dot Castro at oracle dot com
  	"Cats are just autistic Dogs" -- Dr. Tony Attwood

More information about the Cygwin-announce mailing list