projects / exim.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: b09c179) | patch
Refuse to open a msglog file with .. in the path.
authorJeremy Harris <jgh146exb@wizmail.org>
Tue, 10 Sep 2019 11:29:12 +0000 (12:29 +0100)
committerJeremy Harris <jgh146exb@wizmail.org>
Tue, 10 Sep 2019 11:33:28 +0000 (12:33 +0100)
commit8f84b06a462cb02821c09aeeb8ca77f1bbdc00cb
tree38c9dc26019ece495203b806d87ae214712530c3tree | snapshot (zip tar.gz)
parentb09c17939112f84e689a9c1343f00ca84610325dcommit | diff
Refuse to open a msglog file with .. in the path.

Recent exploits have use this as a step for overwriting system files,
and msglog file should always be under the spooldir, so add this as
a defence-in-depth tactic
src/src/deliver.c diff | blob | blame | history
Unnamed repository; edit this file 'description' to name the repository.