Commit e022d704 authored by J.H.M. Dassen (Ray)'s avatar J.H.M. Dassen (Ray)

Backport of fix for CVE-2009-0318 [#569648]

svn path=/branches/gnumeric-1-6/; revision=17113
parent 91a315f8
2009-01-29 Jon K Hellan <hellan@acm.org>
* gnm-py-interpreter.c (gnm_py_interpreter_new): Work around
security vulnerability in Python by making argv start with
"/dev/null". CVE-2009-0318. #569648.
2006-03-19 Jody Goldberg <jody@gnome.org>
* Release 1.6.3
......
......@@ -79,7 +79,7 @@ gnm_py_interpreter_class_init (GObjectClass *gobject_class)
G_TYPE_NONE, 0);
}
static char *plugin_argv[] = {(char *) "gnumeric", NULL};
static char *plugin_argv[] = {(char *) "/dev/null/python/is/buggy/gnumeric", NULL};
GnmPyInterpreter *
gnm_py_interpreter_new (GOPlugin *plugin)
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment