On Tue, Dec 27, 2016 at 10:45:58AM -0800, Stefan Beller wrote:
> > I expect that things that start their life in the contrib/ area
> > to graduate out of contrib/ once they mature, either by becoming
> > projects on their own, or moving to the toplevel directory. On
> > the other hand, I expect I
+cc the author of gitview
On Tue, Dec 27, 2016 at 12:29 AM, Javantea wrote:
> I have found a shell injection vulnerability in contrib/gitview/gitview.
>
> Gitview Shell Injection Vulnerability
>
> Versions affected: 8cb711c8a5-1d1bdafd64 (<=2.11.0)
>
> Gitview execu
I have found a shell injection vulnerability in contrib/gitview/gitview.
Gitview Shell Injection Vulnerability
Versions affected: 8cb711c8a5-1d1bdafd64 (<=2.11.0)
Gitview executes shell commands using string concatenation with user supplied
data, filenames and branch names. Running Gitview
3 matches
Mail list logo
