https://github.com/Kitware/CMake
Revision 11768733d321df55b0efcb70b278c71b8e216cf7 authored by Justin Clift on 15 July 2016, 13:18:37 UTC, committed by Brad King on 21 July 2016, 14:05:46 UTC
Protect our `$0` reference in the shell as `"$0"`. Otherwise it works with a space in the path only due to an insecure Windows feature. Prior to this fix, any installer using the option added by commit v2.8.9~234^2 (Added CPACK_NSIS_ENABLE_UNINSTALL_BEFORE_INSTALL, 2011-06-11) exposes a local privilege escalation vulnerability. Reported-by: Amir Szekely <kichik@gmail.com> Reported-by: Ug_0 Security
1 parent e31084e
Tip revision: 11768733d321df55b0efcb70b278c71b8e216cf7 authored by Justin Clift on 15 July 2016, 13:18:37 UTC
NSIS: Quote uninstaller path when executing it in a shell
NSIS: Quote uninstaller path when executing it in a shell
Tip revision: 1176873
| File | Mode | Size |
|---|---|---|
| Auxiliary | ||
| Help | ||
| Licenses | ||
| Modules | ||
| Packaging | ||
| Source | ||
| Templates | ||
| Tests | ||
| Utilities | ||
| .clang-format | -rw-r--r-- | 217 bytes |
| .gitattributes | -rw-r--r-- | 658 bytes |
| .hooks-config.bash | -rw-r--r-- | 866 bytes |
| CMakeCPack.cmake | -rw-r--r-- | 8.8 KB |
| CMakeCPackOptions.cmake.in | -rw-r--r-- | 11.0 KB |
| CMakeGraphVizOptions.cmake | -rw-r--r-- | 153 bytes |
| CMakeLists.txt | -rw-r--r-- | 26.6 KB |
| CMakeLogo.gif | -rw-r--r-- | 4.4 KB |
| CONTRIBUTING.rst | -rw-r--r-- | 1.3 KB |
| CTestConfig.cmake | -rw-r--r-- | 870 bytes |
| CTestCustom.cmake.in | -rw-r--r-- | 5.3 KB |
| CompileFlags.cmake | -rw-r--r-- | 3.1 KB |
| Copyright.txt | -rw-r--r-- | 2.6 KB |
| DartConfig.cmake | -rw-r--r-- | 804 bytes |
| README.rst | -rw-r--r-- | 2.9 KB |
| bootstrap | -rwxr-xr-x | 45.5 KB |
| cmake_uninstall.cmake.in | -rw-r--r-- | 790 bytes |
| configure | -rwxr-xr-x | 99 bytes |
| doxygen.config | -rw-r--r-- | 27.4 KB |
Computing file changes ...
