summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorPatrick McDermott <patrick.mcdermott@libiquity.com>2019-04-27 19:16:49 (EDT)
committer Patrick McDermott <patrick.mcdermott@libiquity.com>2019-04-27 19:16:49 (EDT)
commit2837e10e7888aeabdb7d13b4052a40e6994efcf1 (patch)
treec7f1fd54adeb2695255d155eec493f08a73a1241
parent82beb4f4e2094685a3f7cac9c2b5b5705e259e3d (diff)
NEWS: List code quality improvements
-rw-r--r--NEWS15
1 files changed, 15 insertions, 0 deletions
diff --git a/NEWS b/NEWS
index cfc25b2..9bb458d 100644
--- a/NEWS
+++ b/NEWS
@@ -11,6 +11,16 @@ feed index file signatures against a validated archive certificate; and
fetching lists of ProteanOS architectures, platforms, and archive
mirrors.
+Security fix:
+
+ * An unsafe "eval" command has been fixed. Running prokit's "install"
+ command with an untrusted "root" directory argument, as in the shell
+ command `prokit install dev/trunk "root'; echo hello #"`, allows
+ arbitrary code execution. This is fixed by Git commit 1ce4ec3.
+ This is considered a low-impact vulnerability, because running
+ prokit's "install" command with untrusted arguments is an unlikely
+ use case.
+
New dependencies:
* prokit now requires OpenWrt's usign utility, which verifies ed25519
@@ -70,6 +80,11 @@ Build system and code quality:
* Uses of the non-portable "%s" date format conversion specifier and
"expr" command have been replaced.
* The test suite is now based around the TAP protocol.
+ * Code quality has been improved: eval commands are now safer against
+ mistakes in input validation/escaping, echo commands have been
+ replaced, errors are handled (making the shell "-e" option safe), an
+ obselescent [ (test) command option has been removed, and commands
+ are protected from variable arguments beginning with "-".
ProteanOS Development Kit version 1.1.0
---------------------------------------