diff options
author | Patrick McDermott <patrick.mcdermott@libiquity.com> | 2019-04-27 19:16:49 (EDT) |
---|---|---|
committer | Patrick McDermott <patrick.mcdermott@libiquity.com> | 2019-04-27 19:16:49 (EDT) |
commit | 2837e10e7888aeabdb7d13b4052a40e6994efcf1 (patch) | |
tree | c7f1fd54adeb2695255d155eec493f08a73a1241 | |
parent | 82beb4f4e2094685a3f7cac9c2b5b5705e259e3d (diff) |
NEWS: List code quality improvements
-rw-r--r-- | NEWS | 15 |
1 files changed, 15 insertions, 0 deletions
@@ -11,6 +11,16 @@ feed index file signatures against a validated archive certificate; and fetching lists of ProteanOS architectures, platforms, and archive mirrors. +Security fix: + + * An unsafe "eval" command has been fixed. Running prokit's "install" + command with an untrusted "root" directory argument, as in the shell + command `prokit install dev/trunk "root'; echo hello #"`, allows + arbitrary code execution. This is fixed by Git commit 1ce4ec3. + This is considered a low-impact vulnerability, because running + prokit's "install" command with untrusted arguments is an unlikely + use case. + New dependencies: * prokit now requires OpenWrt's usign utility, which verifies ed25519 @@ -70,6 +80,11 @@ Build system and code quality: * Uses of the non-portable "%s" date format conversion specifier and "expr" command have been replaced. * The test suite is now based around the TAP protocol. + * Code quality has been improved: eval commands are now safer against + mistakes in input validation/escaping, echo commands have been + replaced, errors are handled (making the shell "-e" option safe), an + obselescent [ (test) command option has been removed, and commands + are protected from variable arguments beginning with "-". ProteanOS Development Kit version 1.1.0 --------------------------------------- |