> dictl (unlike dict) does not handle apostrophe correctly:
>
> % dictl "won't"
> /usr/bin/dictl: 1: eval: Syntax error: Unterminated quoted string
>
>
> This means arbitrary code execution if dictl is used in a script
> accepting untrusted data (but dictl is not suitable for such scripts
> anyw
Package: dict
Version: 1.12.0+dfsg-5
Severity: normal
File: /usr/bin/dictl
Tags: patch upstream
dictl (unlike dict) does not handle apostrophe correctly:
% dictl "won't"
/usr/bin/dictl: 1: eval: Syntax error: Unterminated quoted string
This means arbitrary code execution if dictl is used in a s
2 matches
Mail list logo
