Ok cool, no reward i guess :-/
just please add my nickname Ug_0 Security and remove the mail adress of
public pages (it's ok for the mailing list i guess)
Also do you plan to request a CVE for this as CMake is very like very used
(i mean how many installer are affected in the wild ?)
Thank you
On 07/19/2016 01:46 PM, Cyril VALLICARI wrote:
> Here a Patch that correct the vulnerability
Thanks, applied:
NSIS: Quote uninstaller path when executing it in a shell
https://cmake.org/gitweb?p=cmake.git;a=commitdiff;h=01e1f694
-Brad
--
Powered by www.kitware.com
Please keep messages
This is an automated email from the git hooks/post-receive script. It was
generated because a ref change was pushed to the repository containing
the project "CMake".
The branch, next has been updated
via d0724013c1c10641afa9e22b95c1057819d1dedb (commit)
via
This is an automated email from the git hooks/post-receive script. It was
generated because a ref change was pushed to the repository containing
the project "CMake".
The branch, next has been updated
via 2aa32677691bea08274631f0107b7524f531801c (commit)
via
This is an automated email from the git hooks/post-receive script. It was
generated because a ref change was pushed to the repository containing
the project "CMake".
The branch, next has been updated
via 2f4d3394ca8f2e1616464614313f56c3e7c153b5 (commit)
via
Hello,
While working on sqlitebrowser security (which use CMake) i've found that
the installer
execute an unquoted command when it call for the uninstall command.
POC Screenshot in attached file
Which allow a Privilege Escalation as described here :
cwe.mitre.org/data/definitions/428.html
Hello there,
in short:
I fixed some minor issues with WIX toolset support and added the possibility to
integrate service installation/uninstallation with generated msi packages.
Please review and comment what is missing for integration in upstream.
a bit longer:
When creating a
Hello,
I'd like to define an INTERFACE library that has header files only but
still generates its own project in Visual Studio. The only way to add
headers to an interface target that I'm aware of is
target_source_files(), which instead of creating a project it will
cause the header files
This is an automated email from the git hooks/post-receive script. It was
generated because a ref change was pushed to the repository containing
the project "CMake".
The branch, next has been updated
via 5a25a64ed408bfdeb7a3b4932188415f93f3580e (commit)
via
This is an automated email from the git hooks/post-receive script. It was
generated because a ref change was pushed to the repository containing
the project "CMake".
The branch, next has been updated
via 6a43e55d6d563ec65fe1ba8a4aa83c0f187be6b2 (commit)
via
This is an automated email from the git hooks/post-receive script. It was
generated because a ref change was pushed to the repository containing
the project "CMake".
The branch, next has been updated
via fe98d04da7cd71bfe820d2706f864e3bce42fc18 (commit)
via
This is an automated email from the git hooks/post-receive script. It was
generated because a ref change was pushed to the repository containing
the project "CMake".
The branch, master has been updated
via 922bb1fd69f5a0cb6a2bd6a9f5186bca11070196 (commit)
via
This is an automated email from the git hooks/post-receive script. It was
generated because a ref change was pushed to the repository containing
the project "CMake".
The branch, master has been updated
via 34216023e6160908ae50721504924ef3ab3ed4f9 (commit)
via
This is an automated email from the git hooks/post-receive script. It was
generated because a ref change was pushed to the repository containing
the project "CMake".
The branch, master has been updated
via 6a44e34630180250b865134c2a0ccbf9993339ca (commit)
via
14 matches
Mail list logo