[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Security problem: lilypond-invoke-editor
|
From: |
Knut Petersen |
|
Subject: |
Security problem: lilypond-invoke-editor |
|
Date: |
Thu, 23 Nov 2017 10:11:33 +0100 |
|
User-agent: |
Mozilla/5.0 (X11; Linux x86_64; rv:52.0) Gecko/20100101 Thunderbird/52.4.0 |
Hi everybody!
12 years ago a security problem was introduced into lilypond-invoke-editor.
On 2017/11/15 the problem was reported to the bug-lilypond mailing list by
Gabriel Corona.
If you decided to install lilypond-invoke-editor helper as a general URI
helper, you _are_ affected.
If you decided to install lilypond-invoke-editor to only handle textedit URIs
(or if you do not use it at all) you are _not_ affected.
If you do not know if you are affected:
1.: locate lilypond-invoke-editor
2. Open lilypond-invoke-editor in your favorite text editor. Search for
(if (is-textedit-uri? uri)
(run-editor uri)
(run-browser uri)))))
and replace it with
(if (is-textedit-uri? uri)
(run-editor uri)))))
Knut
- Security problem: lilypond-invoke-editor,
Knut Petersen <=
Re: Security problem: lilypond-invoke-editor, Blöchl Bernhard, 2017/11/23