pygmalion
, pygmalion-virtualenv
and refined
themes Description: these themes use print -P
on user-supplied strings to print them to the terminal. All of them do that on git information, particularly the branch name, so if the branch has a specially-crafted name the vulnerability can be exploited.Fixed in: b3ba9978.Impacted areas: - pygmalion
theme. - pygmalion-virtualenv
theme. - refined
theme.