Wednesday, April 13, 2022

Re: Security: CVE-2022-1271: That xzgrep etc. vulnerability

On Thu, Apr 14, 2022 at 12:03:33AM +0200, Christian Weisgerber wrote:
> Christian Weisgerber:
>
> > * archivers/unzip (zipgrep) -- AFFECTED
> > archive member names are extracted with unzip -Z1, which renders
> > \n as ^J. However, the result is processed by shell command
> > substitution, so it undergoes field splitting and pathname
> > expansion. If a file with an exploitable name is present in the
> > current working directory, a archive member with a shell wildcard
> > in its name may inadvertently feed it to sed. Yes, it's convoluted.
> > The xzgrep fix can be applied.
>
> Patch below.

ok

No comments:

Post a Comment