[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [Chicken-announce] [SECURITY] Incomplete escaping in qs procedure ma
From: |
Peter Bex |
Subject: |
Re: [Chicken-announce] [SECURITY] Incomplete escaping in qs procedure may lead to arbitrary shell code execution |
Date: |
Mon, 29 Apr 2013 21:51:30 +0200 |
User-agent: |
Mutt/1.4.2.3i |
On Sun, Apr 21, 2013 at 03:44:51PM +0200, Peter Bex wrote:
> Hello Chicken users,
>
> It was discovered that the "qs" procedure from the "utils" module
> performs incomplete escaping.
This issue has been assigned CVE-2013-2024.
Kind regards,
The Chicken team