diff options
author | Jörg Frings-Fürst <debian@jff-webhosting.net> | 2015-12-05 14:58:37 +0100 |
---|---|---|
committer | Jörg Frings-Fürst <debian@jff-webhosting.net> | 2015-12-05 14:58:37 +0100 |
commit | a19a390f6538d9df8f125d7498a2e5df57612387 (patch) | |
tree | 8368ee073c9d81f711ec5500b0e12198914dba12 /debian/patches/0115-r7406_also_consider_the_back_tick_as_an_illegal_shell_escape_character.patch | |
parent | 314e87026787b907f8fc77f44e1b5ce79cb9528f (diff) |
CVE-2015-8327; rename patches
Diffstat (limited to 'debian/patches/0115-r7406_also_consider_the_back_tick_as_an_illegal_shell_escape_character.patch')
-rw-r--r-- | debian/patches/0115-r7406_also_consider_the_back_tick_as_an_illegal_shell_escape_character.patch | 19 |
1 files changed, 19 insertions, 0 deletions
diff --git a/debian/patches/0115-r7406_also_consider_the_back_tick_as_an_illegal_shell_escape_character.patch b/debian/patches/0115-r7406_also_consider_the_back_tick_as_an_illegal_shell_escape_character.patch new file mode 100644 index 0000000..8e5e404 --- /dev/null +++ b/debian/patches/0115-r7406_also_consider_the_back_tick_as_an_illegal_shell_escape_character.patch @@ -0,0 +1,19 @@ +Description: foomatic-rip: SECURITY FIX: Also consider the back tick ('`') as + an illegal shell escape character. Thanks to Michal Kowalczyk from the Google + Security Team for the hint. +Author: Till Kamppeter <till.kamppeter@gmail.com> +Bug-CVE: CVE-2015-8327 +Origin: upstream +Last-Update: 2015-11-26 + +--- a/util.c ++++ b/util.c +@@ -31,7 +31,7 @@ + #include <assert.h> + + +-const char* shellescapes = "|<>&!$\'\"#*?()[]{}"; ++const char* shellescapes = "|<>&!$\'\"`#*?()[]{}"; + + const char * temp_dir() + { |