diff options
author | Jörg Frings-Fürst <debian@jff-webhosting.net> | 2015-12-14 21:16:16 +0100 |
---|---|---|
committer | Jörg Frings-Fürst <debian@jff-webhosting.net> | 2015-12-14 21:16:16 +0100 |
commit | a3abbef2d2f8c7e62d2fe64f64afe294563fdf8f (patch) | |
tree | 4fc12fb380a9ba17e271f349be47ce3dd7daec2a /debian/patches/0500-r7406_also_consider_the_back_tick_as_an_illegal_shell_escape_character.patch | |
parent | 80e944b1eb113f62bc509f94392e7f03c54a140e (diff) |
debian bung #807931
Diffstat (limited to 'debian/patches/0500-r7406_also_consider_the_back_tick_as_an_illegal_shell_escape_character.patch')
-rw-r--r-- | debian/patches/0500-r7406_also_consider_the_back_tick_as_an_illegal_shell_escape_character.patch | 20 |
1 files changed, 20 insertions, 0 deletions
diff --git a/debian/patches/0500-r7406_also_consider_the_back_tick_as_an_illegal_shell_escape_character.patch b/debian/patches/0500-r7406_also_consider_the_back_tick_as_an_illegal_shell_escape_character.patch new file mode 100644 index 0000000..df2ab6a --- /dev/null +++ b/debian/patches/0500-r7406_also_consider_the_back_tick_as_an_illegal_shell_escape_character.patch @@ -0,0 +1,20 @@ +Description: foomatic-rip: SECURITY FIX: Also consider the back tick ('`') as + an illegal shell escape character. Thanks to Michal Kowalczyk from the Google + Security Team for the hint. + Add changes from upstream revision 7419. +Author: Till Kamppeter <till.kamppeter@gmail.com> +Bug-CVE: CVE-2015-8327 +Origin: upstream +Last-Update: 2015-12-13 + +--- a/util.c ++++ b/util.c +@@ -31,7 +31,7 @@ + #include <assert.h> + + +-const char* shellescapes = "|<>&!$\'\"#*?()[]{}"; ++const char* shellescapes = "|;<>&!$\'\"`#*?()[]{}"; + + const char * temp_dir() + { |