dgit.raspbian.org Git - emacs.git/commit

author	lu4nx <lx@shellcodes.org>
	Tue, 6 Dec 2022 07:42:40 +0000 (15:42 +0800)
committer	Sean Whitton <spwhitton@spwhitton.name>
	Wed, 22 Feb 2023 17:58:33 +0000 (10:58 -0700)
commit	f8822cd42a828c42d9b76bcd32de7e595ffb73c1
tree	9e2b57e247bf8fa8abe372952a0c95c922df1507	tree \| snapshot
parent	52fb40cf6a3c50c996cff79b0d4f81fc39c7badf	commit \| diff

Fix etags local command injection vulnerability (CVE-2022-48337)

This upstream patch has been incorporated to fix the problem:

  Fix etags local command injection vulnerability

  * lib-src/etags.c: (escape_shell_arg_string): New function.
  (process_file_name): Use it to quote file names passed to the
  shell.  (Bug#59817)

Origin: upstream, commit e339926272a598bd9ee7e02989c1662b89e64cf0
Bug: https://debbugs.gnu.org/59817
Bug-Debian: https://bugs.debian.org/1031730
Forwarded: not-needed

lib-src/etags.c

diff | blob | history

Unnamed repository; edit this file 'description' to name the repository.

RSS Atom