Hi all, A heads-up that I'm preparing a rebase of Fish in EPEL 9 to address this CVE https://bugzilla.redhat.com/show_bug.cgi?id=2253972 > Code execution does not appear to be possible, but denial of service (through large brace expansion) or information disclosure (such as variable expansion) is potentially possible under certain circumstances It's not a high severity, and there are several very minor behavioral changes in every 3.Y.0 minor releases since 3.3.1, so I figure I'll play it safe and treat it as an incompatible update and flag it to this list first. Best regards, -- _o) Michel Lind _( ) identities: https://keyoxide.org/5dce2e7e9c3b1cffd335c1d78b229d2f7ccc04f2 README: https://fedoraproject.org/wiki/User:Salimma#README
Attachment:
signature.asc
Description: PGP signature
-- _______________________________________________ epel-devel mailing list -- epel-devel@xxxxxxxxxxxxxxxxxxxxxxx To unsubscribe send an email to epel-devel-leave@xxxxxxxxxxxxxxxxxxxxxxx Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/epel-devel@xxxxxxxxxxxxxxxxxxxxxxx Do not reply to spam, report it: https://pagure.io/fedora-infrastructure/new_issue
