[Bug 215988] security/vuxml: Document shell escape vulnerability in shells/lshell

[bugzilla-noreply at freebsd.org]

https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=215988

Vladimir Krstulja <vlad-fbsd at acheronmedia.com> changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
           Assignee|freebsd-ports-bugs at FreeBSD. |ports-secteam at FreeBSD.org
                   |org                         |
             Status|New                         |Open
            Summary|shells/lshell - shell       |security/vuxml: Document
                   |escape vulnerability in     |shell escape vulnerability
                   |0.9.16_2                    |in shells/lshell

--- Comment #1 from Vladimir Krstulja <vlad-fbsd at acheronmedia.com> ---
Thanks for the info. I've checked the issue you linked, was going to prepare
the vuxml entry, but I don't see that being fixed in 0.9.18. The issue was
filed 2016-08-22, still open, but 0.9.18 is tagged on 2016-02-25.

Please correct me if I'm wrong.

As you submitted the update request with taking maintainership in bug #215989,
I'd like to ask you to please collate the security issues up to including
0.9.18 and help us document the vulnerabilities better.

Perhaps you could ask the upstream to tag 0.9.19 (I'm assuming is the next) so
this could be cleanly included with upstream fixes.

Rebasing this issue to security/vuxml.

-- 
You are receiving this mail because:
You are the assignee for the bug.