11 matches found
ruby: Tainted flags are not propagated in Array#pack and String#unpack with some directives
An issue was discovered in Ruby before 2.3.8, 2.4.x before 2.4.5, 2.5.x before 2.5.2, and 2.6.x before 2.6.0-preview3. It does not taint strings that result from unpacking tainted strings with some formats...
ruby: Tainted flags are not propagated in Array#pack and String#unpack with some directives
An issue was discovered in Ruby before 2.3.8, 2.4.x before 2.4.5, 2.5.x before 2.5.2, and 2.6.x before 2.6.0-preview3. It does not taint strings that result from unpacking tainted strings with some formats...
ruby: Tainted flags are not propagated in Array#pack and String#unpack with some directives
An issue was discovered in Ruby before 2.3.8, 2.4.x before 2.4.5, 2.5.x before 2.5.2, and 2.6.x before 2.6.0-preview3. It does not taint strings that result from unpacking tainted strings with some formats...
ruby: Tainted flags are not propagated in Array#pack and String#unpack with some directives
An issue was discovered in Ruby before 2.3.8, 2.4.x before 2.4.5, 2.5.x before 2.5.2, and 2.6.x before 2.6.0-preview3. It does not taint strings that result from unpacking tainted strings with some formats...
MGASA-2016-0027 Updated perl and perl-PathTools packages fix security vulnerability
It was reported that File::Spec::canonpath routine returns untainted strings even if passed tainted input. This defect undermines the guarantee of taint propagation, which is sometimes used to ensure that unvalidated user input does not reach sensitive code CVE-2015-8607...
Updated perl and perl-PathTools packages fix security vulnerability
It was reported that File::Spec::canonpath routine returns untainted strings even if passed tainted input. This defect undermines the guarantee of taint propagation, which is sometimes used to ensure that unvalidated user input does not reach sensitive code CVE-2015-8607...
[SECURITY] [DSA 3441-1] perl security update
------------------------------------------------------------------------- Debian Security Advisory DSA-3441-1 [email protected] https://www.debian.org/security/ Salvatore Bonaccorso January 11, 2016 https://www.debian.org/security/faq -...
[SECURITY] [DSA 3441-1] perl security update
------------------------------------------------------------------------- Debian Security Advisory DSA-3441-1 [email protected] https://www.debian.org/security/ Salvatore Bonaccorso January 11, 2016 https://www.debian.org/security/faq -...
Debian Security Advisory DSA 3441-1 (perl - security update)
David Golden of MongoDB discovered that File::Spec::canonpath in Perl returned untainted strings even if passed tainted input. This defect undermines taint propagation, which is sometimes used to ensure that unvalidated user input does not reach sensitive code. The oldstable distribution wheezy i...
DSA-3441-1 perl - security update
Bulletin has no description...
p5-PathTools -- File::Spec::canonpath loses taint
Ricardo Signes reports: Beginning in PathTools 3.47 and/or perl 5.20.0, the File::Spec::canonpath routine returned untained strings even if passed tainted input. This defect undermines the guarantee of taint propagation, which is sometimes used to ensure that unvalidated user input does not reach...