https://github.com/Kitware/CMake
Revision 11768733d321df55b0efcb70b278c71b8e216cf7 authored by Justin Clift on 15 July 2016, 13:18:37 UTC, committed by Brad King on 21 July 2016, 14:05:46 UTC
Protect our `$0` reference in the shell as `"$0"`. Otherwise it works with a space in the path only due to an insecure Windows feature. Prior to this fix, any installer using the option added by commit v2.8.9~234^2 (Added CPACK_NSIS_ENABLE_UNINSTALL_BEFORE_INSTALL, 2011-06-11) exposes a local privilege escalation vulnerability. Reported-by: Amir Szekely <kichik@gmail.com> Reported-by: Ug_0 Security
1 parent e31084e
Tip revision: 11768733d321df55b0efcb70b278c71b8e216cf7 authored by Justin Clift on 15 July 2016, 13:18:37 UTC
NSIS: Quote uninstaller path when executing it in a shell
NSIS: Quote uninstaller path when executing it in a shell
Tip revision: 1176873
File | Mode | Size |
---|---|---|
Auxiliary | ||
Help | ||
Licenses | ||
Modules | ||
Packaging | ||
Source | ||
Templates | ||
Tests | ||
Utilities | ||
.clang-format | -rw-r--r-- | 217 bytes |
.gitattributes | -rw-r--r-- | 658 bytes |
.hooks-config.bash | -rw-r--r-- | 866 bytes |
CMakeCPack.cmake | -rw-r--r-- | 8.8 KB |
CMakeCPackOptions.cmake.in | -rw-r--r-- | 11.0 KB |
CMakeGraphVizOptions.cmake | -rw-r--r-- | 153 bytes |
CMakeLists.txt | -rw-r--r-- | 26.6 KB |
CMakeLogo.gif | -rw-r--r-- | 4.4 KB |
CONTRIBUTING.rst | -rw-r--r-- | 1.3 KB |
CTestConfig.cmake | -rw-r--r-- | 870 bytes |
CTestCustom.cmake.in | -rw-r--r-- | 5.3 KB |
CompileFlags.cmake | -rw-r--r-- | 3.1 KB |
Copyright.txt | -rw-r--r-- | 2.6 KB |
DartConfig.cmake | -rw-r--r-- | 804 bytes |
README.rst | -rw-r--r-- | 2.9 KB |
bootstrap | -rwxr-xr-x | 45.5 KB |
cmake_uninstall.cmake.in | -rw-r--r-- | 790 bytes |
configure | -rwxr-xr-x | 99 bytes |
doxygen.config | -rw-r--r-- | 27.4 KB |
Computing file changes ...