Public bug reported:
/etc/update-motd.d/50-motd-news contains a function called "safe_print".
Its documentation says it does not print control characters, but this is
false. If you look at the `tr` command it prints \012 (Device Control 2
aka. DC2 aka. ␒) and \015 (Negative Acknowledge aka. NAK aka. ␕) from
the source. I don't know why it would do that, or whether it could
possibly be a security issue, especially since it makes the code more
complex than it should be (`tr -d '\000-\011\013\014\016-\037'` vs `tr
-d '\000-\037'`). A quick `/etc/update-motd.d/50-motd-news --force |
grep $'\x12\|\x15'` returned exit code 1, so it's not part of the
current MOTD.
** Affects: base-files (Ubuntu)
Importance: Undecided
Status: New
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1857733
Title:
MOTD "safe_print" prints control characters
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/base-files/+bug/1857733/+subscriptions
--
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
