From 4d245cf2b7170f32aad050e92356b1407b5e99df Mon Sep 17 00:00:00 2001 From: Patrick McDermott Date: Tue, 12 Mar 2019 12:54:40 -0400 Subject: ob_parse_version(): Improve eval safety There likely wasn't a vulnerability here since versions are validated first, but unnecessary expansions like this in eval commands are bad practice, and a bug in the validation could have led to a vulnerability here. --- (limited to 'lib/package.sh') -- cgit v0.9.1