Debian Patches
Status for findutils/4.10.0-4
| Patch | Description | Author | Forwarded | Bugs | Origin | Last update |
|---|---|---|---|---|---|---|
| 0001-updatedb-properly-quote-variables-and-avoid-redundan.patch | updatedb: properly quote variables and avoid redundant eval * locate/updatedb.sh (checkbinary): Remove 'eval' before echo which serves no purpose here, but instead open an attack surface if the given binary contains dangerously crafted content. Add proper quotes in the caller loop as well. * NEWS: Mention the fix. Reported by MichaĆ Majchrowicz <mmajchrowicz@afine.com>. |
Bernhard Voelker <mail@bernhard-voelker.de> | no | 2026-04-26 |