slackware-current

Miroirs/slackware-current

Fork 0

mirror of git://slackware.nl/current.git synced 2024-12-31 10:28:29 +01:00

Commit graph

Author	SHA1	Message	Date
Patrick J Volkerding	837ec54cfe	Fri May 19 18:59:24 UTC 2023 patches/packages/cups-filters-1.28.17-x86_64-1_slack15.0.txz: Upgraded. [PATCH] Merge pull request from GHSA-gpxc-v2m8-fr3x. With execv() command line arguments are passed as separate strings and not the full command line in a single string. This prevents arbitrary command execution by escaping the quoting of the arguments in a job with forged job title. Thanks to marav. For more information, see: https://www.cve.org/CVERecord?id=CVE-2023-24805 (* Security fix *)	2023-05-20 13:39:15 +02:00

Author

SHA1

Message

Date

Patrick J Volkerding

837ec54cfe

Fri May 19 18:59:24 UTC 2023

patches/packages/cups-filters-1.28.17-x86_64-1_slack15.0.txz:  Upgraded.
  [PATCH] Merge pull request from GHSA-gpxc-v2m8-fr3x.
  With execv() command line arguments are passed as separate strings and
  not the full command line in a single string. This prevents arbitrary
  command execution by escaping the quoting of the arguments in a job
  with forged job title.
  Thanks to marav.
  For more information, see:
    https://www.cve.org/CVERecord?id=CVE-2023-24805
  (* Security fix *)

2023-05-20 13:39:15 +02:00

1 commit