Projects
Factory:RISC-V:Base
emacs
_service:tar_scm:backport-CVE-2022-48338.patch
Sign Up
Log In
Username
Password
Overview
Repositories
Revisions
Requests
Users
Attributes
Meta
File _service:tar_scm:backport-CVE-2022-48338.patch of Package emacs
From 9a3b08061feea14d6f37685ca1ab8801758bfd1c Mon Sep 17 00:00:00 2001 From: Xi Lu <lx@shellcodes.org> Date: Fri, 23 Dec 2022 12:52:48 +0800 Subject: Fix ruby-mode.el local command injection vulnerability (bug#60268) * lisp/progmodes/ruby-mode.el (ruby-find-library-file): Fix local command injection vulnerability. Reference:https://git.savannah.gnu.org/cgit/emacs.git/commit/?id=9a3b08061feea14d6f37685ca1ab8801758bfd1c Conflict:NA --- lisp/progmodes/ruby-mode.el | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/lisp/progmodes/ruby-mode.el b/lisp/progmodes/ruby-mode.el index 1f3e9b6..a4aa619 100644 --- a/lisp/progmodes/ruby-mode.el +++ b/lisp/progmodes/ruby-mode.el @@ -1899,7 +1899,7 @@ or `gem' statement around point." (setq feature-name (read-string "Feature name: " init)))) (let ((out (substring - (shell-command-to-string (concat "gem which " feature-name)) + (shell-command-to-string (concat "gem which " (shell-quote-argument feature-name))) 0 -1))) (if (string-match-p "\\`ERROR" out) (user-error "%s" out) -- cgit v1.1
Locations
Projects
Search
Status Monitor
Help
Open Build Service
OBS Manuals
API Documentation
OBS Portal
Reporting a Bug
Contact
Mailing List
Forums
Chat (IRC)
Twitter
Open Build Service (OBS)
is an
openSUSE project
.
浙ICP备2022010568号-2