mirror of
https://gitlab.com/fdroid/fdroidserver.git
synced 2024-11-18 20:50:10 +01:00
b851d49d24
There are all sorts of unfiltered user inputs like tag and branch names in source repos. If those names are fed into popen calls that use shell=True, that opens up a wide range of exploits. All core operations should never use shell=True. |
||
---|---|---|
.. | ||
install-hooks.sh | ||
pre-commit |