Ugh, seriously? This is such basic shell escape security.
Also: vim gets yet another sec update.
Begin forwarded message:
--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2022-6b512ae9e5
2022-04-30 18:40:14.825912
--------------------------------------------------------------------------------
Name : gzip
Update Information:
zgrep applied to a crafted file name with two or more newlines can no longer overwrite an arbitrary, attacker-selected file.
reproducer:
$ touch foo.gz
$ echo foo | gzip > "$(printf '|\n;e touch pwned\n#.gz')"
$ zgrep foo *.gz
(the unfixed version of zgrep creates the file called pwned)
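
A defender's check for the file-name shape the notice describes, added here as an example that is not part of the Fedora notice or the forwarded email: it lists file names containing two or more newlines under a directory, so they can be reviewed before zgrep is run there on a host that has not yet taken the update. The function names are hypothetical.

```shell
#!/bin/sh
# Added example (not from the Fedora notice): find file names that contain
# two or more newline characters, the kind of name the notice says an
# unfixed zgrep mishandles. Function names are hypothetical.

# A literal newline, used to build the find(1) -name pattern.
NL='
'

# Print one line per matching path, with every newline in the path shown
# as '?' so the output stays one record per line and is safe to read.
list_multinewline_names() {
    dir=${1:-.}
    # "*<NL>*<NL>*" matches any base name holding at least two newlines.
    find "$dir" -name "*${NL}*${NL}*" \
        -exec sh -c 'printf "%s" "$1" | tr "\n" "?"; echo' sh {} \;
}

# Print how many such names exist under the directory.
count_multinewline_names() {
    echo $(( $(list_multinewline_names "${1:-.}" | wc -l) ))
}

# Stand-alone use: pass the directory to audit as the first argument.
if [ "$#" -gt 0 ]; then
    list_multinewline_names "$1"
fi
```

Because the names are passed to the helper as arguments and never re-parsed by a shell, listing them is safe even when they contain shell metacharacters.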