Bug#848132: most is vulnerable to a shell injection attack using LZMA-compressed files

Thanks for this. I'll upload a patch for the version in unstable right away. Later, Mako > Package: most > Version: 5.0.0a-1 > Severity: grave > Tags: security patch > Justification: user security hole > > Hello, > > the most pager can automatically open files compressed with gzip, > bzip2 an

Bug#848132: most is vulnerable to a shell injection attack using LZMA-compressed files

Package: most Version: 5.0.0a-1 Severity: grave Tags: security patch Justification: user security hole Hello, the most pager can automatically open files compressed with gzip, bzip2 and (in Debian) LZMA. This is done using popen() and, in earlier releases of most, it was vulnerable to a shell in