[Rpm-maint] [rpm-software-management/rpm] spec file preprocessing on rpm level (#1472)
Michal Novotný
notifications at github.com
Fri Jan 28 17:27:38 UTC 2022
> Consider a tool that generates changelogs from user-provided input. Changelogs are not executable in any way, so even if they come from untrusted sources, it should be sufficient to ensure they are properly escaped, well-formed, and only contain printable ASCII. A preprocessor like you mentioned breaks this assumption.
I don't really understand what assumption is broken, by what way and by which tool. Can you be more specific, please or show an example?
--
Reply to this email directly or view it on GitHub:
https://github.com/rpm-software-management/rpm/issues/1472#issuecomment-1024443861
You are receiving this because you are subscribed to this thread.
Message ID: <rpm-software-management/rpm/issues/1472/1024443861 at github.com>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.rpm.org/pipermail/rpm-maint/attachments/20220128/1f6eb37d/attachment.html>
More information about the Rpm-maint
mailing list