diff options
author | Ryan Gonzalez <ryan.gonzalez@collabora.com> | 2023-03-04 21:07:03 -0600 |
---|---|---|
committer | Simon McVittie <smcv@collabora.com> | 2023-03-16 09:54:14 +0000 |
commit | 7fe63f2e8f1fd2dafc31d45154cf0b191ebec66c (patch) | |
tree | b50856ca3fc48a2a13a1ffca3aecb6f1f7651951 /app | |
parent | 6cac99dafe6003c8a4bd5666341c217876536869 (diff) | |
download | flatpak-7fe63f2e8f1fd2dafc31d45154cf0b191ebec66c.tar.gz |
Reject paths given to --filesystem/--persist with special characters
There isn't much in the way of legit reasons for this, but it's a
potential security footgun when displaying the text.
CVE-2023-28101, GHSA-h43h-fwqx-mpp8
Signed-off-by: Ryan Gonzalez <ryan.gonzalez@collabora.com>
Co-authored-by: Simon McVittie <smcv@collabora.com>
Diffstat (limited to 'app')
0 files changed, 0 insertions, 0 deletions