opensubscriber
   Find in this group all groups
 
Unknown more information…

d : dev@spamassassin.apache.org 8 September 2009 • 2:33AM -0400

[Bug 2536] vpopmail/qmail code neither warning- nor 100% taint-safe
by bugzilla-daemon

REPLY TO AUTHOR
 
REPLY TO GROUP



https://issues.apache.org/SpamAssassin/show_bug.cgi?id=2536





--- Comment #37 from Manuel Mausz <manuel@maus...>  2009-09-07 11:33:46 PST ---
Created an attachment (id=4532)
--> (https://issues.apache.org/SpamAssassin/attachment.cgi?id=4532)
untaint $dir

Patch works fine but you need to untaint $dir so mkdir works.

--
Configure bugmail: https://issues.apache.org/SpamAssassin/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are on the CC list for the bug.

Bookmark with:

Delicious   Digg   reddit   Facebook   StumbleUpon

opensubscriber is not affiliated with the authors of this message nor responsible for its content.