CVE-2018-7548

In subst.c in zsh through 5.4.2, there is a NULL pointer dereference when using ${(PA)…} on an empty array result.

Date published : 2018-02-27

https://security.gentoo.org/glsa/201805-10

https://sourceforge.net/p/zsh/code/ci/110b13e1090bc31ac1352b28adc2d02b6d25a102