Opened 2 years ago
Closed 2 years ago
#5166 closed enhancement (fixed)
man-db-2.11.1
| Reported by: | Bruce Dubbs | Owned by: | Xi Ruoyao |
|---|---|---|---|
| Priority: | normal | Milestone: | 11.3 |
| Component: | Book | Version: | git |
| Severity: | normal | Keywords: | |
| Cc: |
Description
New point version.
Change History (4)
comment:1 by , 2 years ago
| Owner: | changed from to |
|---|---|
| Status: | new → assigned |
comment:2 by , 2 years ago
man-db 2.11.1 (15 November 2022)
Build:
- Transfer Git repository to https://gitlab.com/man-db/man-db.
Fixes:
- SECURITY: Replace
$characters in page names with?when constructinglessprompts. - Silence error message when processing an empty manual page hierarchy with a nonexistent cache directory.
man(1)now sorts whatis references below real pages, even if the whatis references are from a section with higher priority.
Improvements:
- Add section
3typeto the default section list just after2. This is used by the Linux man-pages package. - Recognize more Hungarian translations of the
NAMEsection.
comment:3 by , 2 years ago
From the upstream:
On Mon, Oct 17, 2022 at 10:15:08PM +0200, Jakub Wilk wrote:
"$" is a special character in $LESS, but man-db doesn't take care of neutralizing it. This could be exploited for arbitrary code execution if the user were tricked to run "man -l" on files with names crafted by the attacker.
Thanks, fixed upstream:
https://gitlab.com/cjwatson/man-db/-/commit/09304c00a4a3dea95da5d1f0aa1ad4c20c292f3b
(I think this is a niche enough case that I don't plan to put work into getting a CVE allocated, backporting fixes, etc. If somebody else thinks otherwise then they should feel free.)
So I'll not post a SA for this one.
comment:4 by , 2 years ago
| Resolution: | → fixed |
|---|---|
| Status: | assigned → closed |
Fixed for trunk at r11.2-198-ge354e5846. Leaving #5162 open for SA.
I'll run a jhalfs build with full tests today.