|
From: | Sebastien Helleu |
Subject: | [Weechat-dev] [bug #37764] Security problem with untrusted command given to hook_process in plugin API |
Date: | Sun, 18 Nov 2012 12:32:02 +0000 |
User-agent: | Mozilla/5.0 (Windows NT 5.1) AppleWebKit/537.11 (KHTML, like Gecko) Chrome/23.0.1271.64 Safari/537.11 |
Update of bug #37764 (project weechat): Status: In Progress => Fixed _______________________________________________________ Follow-up Comment #1: Fixed in devel and new stable version 0.3.9.2 has been released. Upgrade is *HIGHLY recommended*. Workaround with a non patched version: remove/unload all scripts calling function hook_process (for maximum safety). _______________________________________________________ Reply to this item at: <http://savannah.nongnu.org/bugs/?37764> _______________________________________________ Message posté via/par Savannah http://savannah.nongnu.org/
[Prev in Thread] | Current Thread | [Next in Thread] |