069037a0c9
- New upstream release 3.6.4
* This release contains a complete fix for the test suite failure in fish
3.6.2 and 3.6.3.
- New upstream release 3.6.3
* This release contains a fix for a test suite failure in fish 3.6.2.
- New upstream release 3.6.2
This release of fish contains a security fix for CVE-2023-49284, a minor security problem identified
in fish 3.6.1 and previous versions (thought to affect all released versions of fish).
fish uses certain Unicode non-characters internally for marking wildcards and expansions. It
incorrectly allowed these markers to be read on command substitution output, rather than
transforming them into a safe internal representation.
For example, ``echo \UFDD2HOME`` has the same output as ``echo $HOME``.
While this may cause unexpected behavior with direct input, this may become a minor security problem
if the output is being fed from an external program into a command substitution where this output
may not be expected. (bsc#1217808, CVE-2023-49284)
- Enable tests
OBS-URL: https://build.opensuse.org/request/show/1132463
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/fish?expand=0&rev=40
|
||
|---|---|---|
| .gitattributes | ||
| .gitignore | ||
| fish-3.6.4.tar.xz | ||
| fish-3.6.4.tar.xz.asc | ||
| fish.changes | ||
| fish.keyring | ||
| fish.spec | ||