lux <[email protected]> writes:

> The `org-babel-execute:plantuml' function does not properly escape the 
> `out-file' parameter when invoking the `inkscape' command. This leads
…
> A patch fixing the issue is attached.
>
> [4. text/x-patch; 
> 0001-lisp-ob-plantuml.el-Fix-command-injection-vulnerabil.patch]...

The code looks good. I didn’t run it yet, but it looks obviously
correct and shell-quote-argument does what is needed there.

(⇒ someone else will need to run it)

Best wishes,
Arne

Attachment: signature.asc
Description: PGP signature

Reply via email to