squirrelmail: patch remote code execution (CVE-2017-7692) - pkgsrc

diff options

author	maya <maya@pkgsrc.org>	2017-04-19 17:10:18 +0000
committer	maya <maya@pkgsrc.org>	2017-04-19 17:10:18 +0000
commit	f8e0eb44842a409b20cb31467e6d250a4a5f93aa (patch)
tree	b88164395ca53586bff1a37d126152849cb95752 /devel/py-mercurial
parent	790ecc8a0124ef858750d083a90e3ab08f0b8978 (diff)
download	pkgsrc-f8e0eb44842a409b20cb31467e6d250a4a5f93aa.tar.gz

squirrelmail: patch remote code execution (CVE-2017-7692)

separately escape tainted input before feeding it into popen. https://www.wearesegment.com/research/Squirrelmail-Remote-Code-Execution.html patch from Filipo Cavallarin@wearesegment, who also found the vulnerability. bump PKGREVISION

Diffstat (limited to 'devel/py-mercurial')

0 files changed, 0 insertions, 0 deletions


context:
space:
mode: