[Portland-bugs] [Bug 66670] xdg-open: command injection vulnerability
bugzilla-daemon at freedesktop.org
bugzilla-daemon at freedesktop.org
Tue Jan 6 15:42:35 PST 2015
https://bugs.freedesktop.org/show_bug.cgi?id=66670
Rex Dieter <rdieter at math.unl.edu> changed:
What |Removed |Added
----------------------------------------------------------------------------
Attachment #111778|0 |1
is obsolete| |
--- Comment #14 from Rex Dieter <rdieter at math.unl.edu> ---
Created attachment 111874
--> https://bugs.freedesktop.org/attachment.cgi?id=111874&action=edit
Fix argument quoting to avoid execution
try wrapping vars in "' ... '"
--
You are receiving this mail because:
You are the assignee for the bug.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.freedesktop.org/archives/portland-bugs/attachments/20150106/07cc018a/attachment.html>
More information about the Portland-bugs
mailing list