Re: [Chicken-announce] [SECURITY] Incomplete escaping in qs procedure ma

chicken-announce

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Chicken-announce] [SECURITY] Incomplete escaping in qs procedure ma

From:	Peter Bex
Subject:	Re: [Chicken-announce] [SECURITY] Incomplete escaping in qs procedure may lead to arbitrary shell code execution
Date:	Mon, 29 Apr 2013 21:51:30 +0200
User-agent:	Mutt/1.4.2.3i

On Sun, Apr 21, 2013 at 03:44:51PM +0200, Peter Bex wrote:
> Hello Chicken users,
> 
> It was discovered that the "qs" procedure from the "utils" module
> performs incomplete escaping.

This issue has been assigned CVE-2013-2024.

Kind regards,
The Chicken team

[Prev in Thread]

Current Thread

[Next in Thread]

[Chicken-announce] [SECURITY] Incomplete escaping in qs procedure may lead to arbitrary shell code execution, Peter Bex, 2013/04/21
- Re: [Chicken-announce] [SECURITY] Incomplete escaping in qs procedure may lead to arbitrary shell code execution, Peter Bex <=

Prev by Date: [Chicken-announce] [ANN] usb egg v0.1.0 is released
Previous by thread: [Chicken-announce] [SECURITY] Incomplete escaping in qs procedure may lead to arbitrary shell code execution
Next by thread: [Chicken-announce] [ANN] usb egg v0.1.0 is released
Index(es):
- Date
- Thread