The observant will notice that the insufficient sanitation of filenames in zgrep (CAN-2005-0758) also applies to bzgrep. Attached patch is from fedora3, altered to force the use of bash now that we are passing bash-specific constructions to it (that part is from ubuntu).
Also at http://www.kenmoffat.uklinux.net/patches/ Ken -- das eine Mal als Tragödie, das andere Mal als Farce
bzip2-1.0.3-bzgrep_security-1.patch.gz
Description: application/gunzip
-- http://linuxfromscratch.org/mailman/listinfo/patches FAQ: http://www.linuxfromscratch.org/faq/ Unsubscribe: See the above information page
