I just released Augeas 1.8.1. The only change compared to 1.8.0 is a fix for CVE-2017-7555 <https://access.redhat.com/security/cve/CVE-2017-7555> which addresses a serious security flaw connected to the handling of escaped whitespace at the end of path expressions. The commit <https://github.com/hercules-team/augeas/commit/7a9177a960bb7bab30423241a099e5a04e2c3993> has a few more details of what was going on there. The problem was introduced by commit ea010d85, first released in Augeas 0.9.0.
Many thanks to Han Han, Laine Stump, and Doran Moppert for finding and helping address this issue. David Tarball: http://download.augeas.net/augeas-1.8.1.tar.gz GPG signature: http://download.augeas.net/augeas-1.8.1.tar.gz.sig
_______________________________________________ augeas-devel mailing list [email protected] https://www.redhat.com/mailman/listinfo/augeas-devel
