Branch: refs/heads/master
Home: https://github.com/openSUSE/obs-service-format_spec_file
Commit: 6ac91b807794c944eb0063e7b7eb4bbaa50aebe2
https://github.com/openSUSE/obs-service-format_spec_file/commit/6ac91b807794...
Author: Marcus Huewe
Date: 2016-03-02 (Wed, 02 Mar 2016)
Changed paths:
M patch_license
M prepare_spec
Log Message:
-----------
Explicitly pass mode argument to open for user specified files
Otherwise we could execute "arbitrary" code using perl's ipc mechansim.
Commit: bc989c3ddf911b59e7abc80b85df71a8ff937a30
https://github.com/openSUSE/obs-service-format_spec_file/commit/bc989c3ddf91...
Author: Marcus Huewe
Date: 2016-03-02 (Wed, 02 Mar 2016)
Changed paths:
M format_spec_file
Log Message:
-----------
Don't allow --specfile arguments that contain path separators
Otherwise it is possible to trash "arbitrary" files (e.g. by using
a number of /../ components).
Commit: 38209e84c0166c6deb6d3af863034a1254dc8f33
https://github.com/openSUSE/obs-service-format_spec_file/commit/38209e84c016...
Author: Frank Schreiner
Date: 2016-03-16 (Wed, 16 Mar 2016)
Changed paths:
M format_spec_file
M patch_license
M prepare_spec
Log Message:
-----------
Merge pull request #10 from marcus-h/security_fixes
filter for directories
Compare: https://github.com/openSUSE/obs-service-format_spec_file/compare/cda25553770...