1 May 2022, 8:15 p.m.
Ugh, seriously? This is such basic shell escape security. Also: vim gets yet another sec update.

Begin forwarded message:

--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2022-6b512ae9e5
2022-04-30 18:40:14.825912
--------------------------------------------------------------------------------

Name : gzip

Update Information:

zgrep applied to a crafted file name with two or more newlines can no longer overwrite an arbitrary, attacker-selected file.

reproducer:

    $ touch foo.gz
    $ echo foo | gzip > "$(printf '|\n;e touch pwned\n#.gz')"
    $ zgrep foo *.gz

(the unfixed version of zgrep creates the file called pwned)
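A pre-flight check and a zgrep-free search for hosts that may not have the update yet, as an added example that is not part of the forwarded notification or of gzip itself. The function names are hypothetical; the search pipes `gzip -dc` into `grep`, so each file name is only ever passed as a quoted argument.

```shell
#!/bin/sh
# Added example (not from the Fedora notification). Function names are hypothetical.
NL='
'

# Print how many entries directly inside DIR have a newline in their name.
count_newline_names() {
    dir=$1
    n=0
    for f in "$dir"/* "$dir"/.[!.]*; do
        [ -e "$f" ] || [ -L "$f" ] || continue   # unmatched glob stays literal
        case ${f##*/} in
            *"$NL"*) n=$((n + 1)) ;;
        esac
    done
    echo "$n"
}

# Search PATTERN in every regular *.gz file in DIR without calling zgrep.
# Names containing a newline are skipped and reported on stderr.
# Prints the number of files that contained a match.
grep_gz_dir() {
    pattern=$1
    dir=$2
    hits=0
    for f in "$dir"/*.gz; do
        [ -f "$f" ] || continue
        case ${f##*/} in
            *"$NL"*)
                echo "skipped: file name contains a newline" >&2
                continue ;;
        esac
        # "--" ends option parsing, so a name starting with "-" is still a file
        if gzip -dc -- "$f" 2>/dev/null | grep -q -e "$pattern"; then
            hits=$((hits + 1))
        fi
    done
    echo "$hits"
}
```

A non-zero result from `count_newline_names` on a directory that other users can write to is worth investigating on its own, patched zgrep or not.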