On 20 Jul 2016, at 13:58, Brad King <brad.k...@kitware.com> wrote: > On 07/20/2016 02:31 AM, Justin Clift wrote: >> Amir pointed out there may be other locations with the same >> unquoted path problem in the template. > > Thanks. I'm not very familiar with NSIS or the syntax in the > template file so we'll be dependent on others to find/fix any > remaining problems.
k. Are there people who could be proactively reached out to, or is it more of a "pray and hope for the best" thing? :) > Meanwhile I've revised the commit message to update the credits: > > NSIS: Quote uninstaller path when executing it in a shell > https://cmake.org/gitweb?p=cmake.git;a=commitdiff;h=057f21ae > > I've queued this for merge to 'release' for 3.6.1. Cool. Is there an ETA for that? Asking because until then, every Windows installer generated by CMake with CPACK_NSIS_ENABLE_UNINSTALL_BEFORE_INSTALL enabled will be bundling a local privilege escalation to Admin. While that's not "the sky is falling" stuff... ;) it seems like something better fixed sooner rather than later. Cyril's question about a CVE is valid too. This should probably be written up. :) Do you guys want to do that, or should Cyril begin the process? Regards and best wishes, Justin Clift -- "My grandfather once told me that there are two kinds of people: those who work and those who take the credit. He told me to try to be in the first group; there was less competition there." - Indira Gandhi -- Powered by www.kitware.com Please keep messages on-topic and check the CMake FAQ at: http://www.cmake.org/Wiki/CMake_FAQ Kitware offers various services to support the CMake community. For more information on each offering, please visit: CMake Support: http://cmake.org/cmake/help/support.html CMake Consulting: http://cmake.org/cmake/help/consulting.html CMake Training Courses: http://cmake.org/cmake/help/training.html Visit other Kitware open-source projects at http://www.kitware.com/opensource/opensource.html Follow this link to subscribe/unsubscribe: http://public.kitware.com/mailman/listinfo/cmake-developers
