*** This bug is a security vulnerability *** You have been subscribed to a public security bug by Marc Deslauriers (mdeslaur):
Steps to reproduce: $ printf 'test:\n~! echo ALERT\nbye!\n' | mail TO_SOME_ADDRESS Observed: "ALERT" is printed to standard output. Expected: String "~! echo ALERT" shall be send as second line of the mail. Command escapes should only be processed if used interactively. Related security issues: https://security-tracker.debian.org/tracker/CVE-2021-32749 https://www.smartmontools.org/ticket/1535 Fixed in mailutils 3.13, see https://savannah.gnu.org/bugs/?60937 Regards, Christian Franke smartmontools.org ** Affects: mailutils (Ubuntu) Importance: Undecided Status: New ** Tags: community-security -- mail(1) processes command escapes also if used non-interactively https://bugs.launchpad.net/bugs/1948712 You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to the bug report. -- ubuntu-bugs mailing list [email protected] https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
