This bug was fixed in the package landscape-client - 24.02-0ubuntu2
---
landscape-client (24.02-0ubuntu2) noble; urgency=medium
* d/p/2055348-fix-expandvars-arb-exec.patch: fix potential arbitrary shell
execution in landscape/lib/format.py:expandvars (LP: #2055348)
-- Mitch Bu
** Changed in: landscape-client (Ubuntu)
Status: New => In Progress
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/2055348
Title:
Potential arbitrary execution in expandvars
To manage notific
** Merge proposal linked:
https://code.launchpad.net/~mitchburton/ubuntu/+source/landscape-client/+git/landscape-client/+merge/461568
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/2055348
Title:
Upstream replacement with python here:
https://github.com/canonical/landscape-client/pull/222
Will produce patch.
** Changed in: landscape-client (Ubuntu)
Assignee: (unassigned) => Mitch Burton (mitchburton)
--
You received this bug notification because you are a member of Ubuntu
Bugs, whi
** Changed in: landscape-client (Ubuntu)
Importance: Undecided => High
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/2055348
Title:
Potential arbitrary execution in expandvars
To manage notifica
