Is this the well documented Windows URI security flaw dicussed about
2007?
https://www.networkworld.com/article/2286774/lan-wan/microsoft-to-fix-uri-security-flaw-after-criticism.html
https://blog.mozilla.org/security/2007/07/23/related-security-issue-in-url-protocol-handling-on-windows/
https://msdn.microsoft.com/en-us/library/aa767914(v=vs.85).aspx
If so, isn't that resolved already?
https://bugzilla.mozilla.org/show_bug.cgi?id=389106
Regards
https://bugzilla.mozilla.org/show_bug.cgi?id=389106Am 23.11.2017 10:11,
schrieb Knut Petersen:
Hi everybody!
12 years ago a security problem was introduced into
lilypond-invoke-editor.
On 2017/11/15 the problem was reported to the bug-lilypond mailing
list by Gabriel Corona.
If you decided to install lilypond-invoke-editor helper as a general
URI helper, you _are_ affected.
If you decided to install lilypond-invoke-editor to only handle
textedit URIs (or if you do not use it at all) you are _not_ affected.
If you do not know if you are affected:
1.: locate lilypond-invoke-editor
2. Open lilypond-invoke-editor in your favorite text editor. Search for
(if (is-textedit-uri? uri)
(run-editor uri)
(run-browser uri)))))
and replace it with
(if (is-textedit-uri? uri)
(run-editor uri)))))
Knut
_______________________________________________
lilypond-user mailing list
lilypond-user@gnu.org
https://lists.gnu.org/mailman/listinfo/lilypond-user
_______________________________________________
lilypond-user mailing list
lilypond-user@gnu.org
https://lists.gnu.org/mailman/listinfo/lilypond-user
