[Expired for Bazaar because there has been no activity for 60 days.]
** Changed in: bzr
Status: Incomplete => Expired
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1694007
Title:
[Expired for bzr (Ubuntu) because there has been no activity for 60
days.]
** Changed in: bzr (Ubuntu)
Status: Incomplete => Expired
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1694007
I'm not sure I follow, that's how shell expansion works.
** Changed in: bzr
Status: New => Incomplete
** Changed in: bzr (Ubuntu)
Status: Confirmed => Incomplete
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
** Tags removed: check-for-breezy
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1694007
Title:
externalcommand.py : Shell injection with a Path name
To manage notifications about this bug go to:
** Tags added: check-for-breezy
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1694007
Title:
externalcommand.py : Shell injection with a Path name
To manage notifications about this bug go to:
As you can see above, help() does not show the help of program abc but
runs a shell command in the middle of the path and the path gets broken.
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1694007
As far as I know, this is intentional. Where is this problematic? You
should not use this for unvalidated externally provided commands.
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1694007
Title:
Thanks for taking your time to report this isuse and help making Ubuntu
better.
I was able to reproduce this with bzr 2.7.0+bzr6619-7 on Ubuntu 17.04,
so it is still present in the latest packaged version.
** Also affects: bzr
Importance: Undecided
Status: New
** Changed in: bzr
Screenshot
** Attachment added: "Screenshot"
https://bugs.launchpad.net/ubuntu/+source/bzr/+bug/1694007/+attachment/4884537/+files/screenshot.png
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.