[Weechat-dev] [bug #37764] Security problem with untrusted command given

weechat-dev

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[Weechat-dev] [bug #37764] Security problem with untrusted command given

From:	Sebastien Helleu
Subject:	[Weechat-dev] [bug #37764] Security problem with untrusted command given to hook_process in plugin API
Date:	Sun, 18 Nov 2012 12:32:02 +0000
User-agent:	Mozilla/5.0 (Windows NT 5.1) AppleWebKit/537.11 (KHTML, like Gecko) Chrome/23.0.1271.64 Safari/537.11

Update of bug #37764 (project weechat):

                  Status:             In Progress => Fixed                  

    _______________________________________________________

Follow-up Comment #1:

Fixed in devel and new stable version 0.3.9.2 has been released. 
Upgrade is *HIGHLY recommended*.

Workaround with a non patched version: remove/unload all scripts calling
function hook_process (for maximum safety).

    _______________________________________________________

Reply to this item at:

  <http://savannah.nongnu.org/bugs/?37764>

_______________________________________________
  Message posté via/par Savannah
  http://savannah.nongnu.org/

[Prev in Thread]

Current Thread

[Next in Thread]

[Weechat-dev] [bug #37764] Security problem with untrusted command given to hook_process in plugin API, Sebastien Helleu <=
- [Weechat-dev] [bug #37764] Security problem with untrusted command given to hook_process in plugin API, Sebastien Helleu, 2012/11/18

Prev by Date: [Weechat-dev] [bug #37744] aspell_suggest does not update to reflect /aspell toggle
Next by Date: [Weechat-dev] [bug #37764] Security problem with untrusted command given to hook_process in plugin API
Previous by thread: [Weechat-dev] [bug #37744] aspell_suggest does not update to reflect /aspell toggle
Next by thread: [Weechat-dev] [bug #37764] Security problem with untrusted command given to hook_process in plugin API
Index(es):
- Date
- Thread