diff options
author | Jörg Frings-Fürst <debian@jff-webhosting.net> | 2015-12-14 21:16:16 +0100 |
---|---|---|
committer | Jörg Frings-Fürst <debian@jff-webhosting.net> | 2015-12-14 21:16:16 +0100 |
commit | a3abbef2d2f8c7e62d2fe64f64afe294563fdf8f (patch) | |
tree | 4fc12fb380a9ba17e271f349be47ce3dd7daec2a /debian/patches | |
parent | 80e944b1eb113f62bc509f94392e7f03c54a140e (diff) |
debian bung #807931
Diffstat (limited to 'debian/patches')
-rw-r--r-- | debian/patches/0500-r7406_also_consider_the_back_tick_as_an_illegal_shell_escape_character.patch (renamed from debian/patches/0115-r7406_also_consider_the_back_tick_as_an_illegal_shell_escape_character.patch) | 5 | ||||
-rw-r--r-- | debian/patches/series | 2 |
2 files changed, 4 insertions, 3 deletions
diff --git a/debian/patches/0115-r7406_also_consider_the_back_tick_as_an_illegal_shell_escape_character.patch b/debian/patches/0500-r7406_also_consider_the_back_tick_as_an_illegal_shell_escape_character.patch index 8e5e404..df2ab6a 100644 --- a/debian/patches/0115-r7406_also_consider_the_back_tick_as_an_illegal_shell_escape_character.patch +++ b/debian/patches/0500-r7406_also_consider_the_back_tick_as_an_illegal_shell_escape_character.patch @@ -1,10 +1,11 @@ Description: foomatic-rip: SECURITY FIX: Also consider the back tick ('`') as an illegal shell escape character. Thanks to Michal Kowalczyk from the Google Security Team for the hint. + Add changes from upstream revision 7419. Author: Till Kamppeter <till.kamppeter@gmail.com> Bug-CVE: CVE-2015-8327 Origin: upstream -Last-Update: 2015-11-26 +Last-Update: 2015-12-13 --- a/util.c +++ b/util.c @@ -13,7 +14,7 @@ Last-Update: 2015-11-26 -const char* shellescapes = "|<>&!$\'\"#*?()[]{}"; -+const char* shellescapes = "|<>&!$\'\"`#*?()[]{}"; ++const char* shellescapes = "|;<>&!$\'\"`#*?()[]{}"; const char * temp_dir() { diff --git a/debian/patches/series b/debian/patches/series index baee154..e6a186b 100644 --- a/debian/patches/series +++ b/debian/patches/series @@ -3,4 +3,4 @@ 0600-spelling-errors.diff 0110-fixed-segfault-when-creating-logfile.patch 0001-paps.patch -0115-r7406_also_consider_the_back_tick_as_an_illegal_shell_escape_character.patch +0500-r7406_also_consider_the_back_tick_as_an_illegal_shell_escape_character.patch |