Mandriva Security Advisory MDVSA-2009:108-1 (zsh)

Summary
The remote host is missing an update to zsh announced via advisory MDVSA-2009:108-1.
Solution
To upgrade automatically use MandrakeUpdate or urpmi. The verification of md5 checksums and GPG signatures is performed automatically for you. https://secure1.securityspace.com/smysecure/catid.html?in=MDVSA-2009:108-1
Insight
A stack-based buffer overflow was found in the zsh command interpreter. An attacker could use this flaw to cause a denial of service (zsh crash), when providing a specially-crafted string as input to the zsh shell. The updated packages have been patched to prevent this. Update: Packages for 2008.0 are being provided due to extended support for Corporate products. Affected: 2008.0