da78065c76
Details: https://lists.nongnu.org/archive/html/chicken-announce/2022-11/msg00000.html > Vasilij found a security issue with the way egg-information > files are created during installation of an extension package. > Currently, escape characters in the .egg file may be used to > perform arbitrary OS command injection due to the method the > egg metadata is created and installed in the local egg repository > during the install-stage of an egg. diff from MAINTAINER Timo Myyrä, thanks! |
||
|---|---|---|
| .. | ||
| bootstrap | ||
| core | ||
| Makefile | ||
| Makefile.inc | ||