Accepted fish 3.6.0-3.1+deb12u1 (source) into proposed-updates
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512
Format: 1.8
Date: Thu, 21 Dec 2023 14:47:56 -0500
Source: fish
Architecture: source
Version: 3.6.0-3.1+deb12u1
Distribution: bookworm
Urgency: medium
Maintainer: Tristan Seligmann <mithrandi@debian.org>
Changed-By: Mo Zhou <lumin@debian.org>
Closes: 1057455
Changes:
fish (3.6.0-3.1+deb12u1) bookworm; urgency=medium
.
* Cherry-pick upstream fix for CVE-2023-49284. (Closes: #1057455)
fish shell uses certain Unicode non-characters internally for marking
wildcards and expansions. It will incorrectly allow these markers to be
read on command substitution output, rather than transforming them into
a safe internal representation.
Checksums-Sha1:
7f77e40a90a38b8cc1c7cd95d4d11a10ba66bcac 2342 fish_3.6.0-3.1+deb12u1.dsc
ac30fa9d42b3119496f40e1194bf60079c85c5c5 21084 fish_3.6.0-3.1+deb12u1.debian.tar.xz
0cd536a7ea23a450b3404a09e8b34ab7b428bb49 8278 fish_3.6.0-3.1+deb12u1_source.buildinfo
Checksums-Sha256:
0a88b1a0fb01d8aaecd2e7e5074db9e13fd415503b306da8e9670cd89e26242b 2342 fish_3.6.0-3.1+deb12u1.dsc
21d391440fac547ce9c4b67f9c9be580372da9b8ab8cee6ec781aa859685cf08 21084 fish_3.6.0-3.1+deb12u1.debian.tar.xz
79cefb698b80ee02bc377f96ae6b41b11f2bbf0a1c083e6c61150dad67308ad9 8278 fish_3.6.0-3.1+deb12u1_source.buildinfo
Files:
84e2d5ddb40774ef9275df5f4aa9bc4b 2342 shells optional fish_3.6.0-3.1+deb12u1.dsc
1b09e26f87f16010e5d4abd515e605a2 21084 shells optional fish_3.6.0-3.1+deb12u1.debian.tar.xz
faba747ba0735b8f6522e81196f95e64 8278 shells optional fish_3.6.0-3.1+deb12u1_source.buildinfo
-----BEGIN PGP SIGNATURE-----
iQJFBAEBCgAvFiEEY4vHXsHlxYkGfjXeYmRes19oaooFAmWGaswRHGx1bWluQGRl
Ymlhbi5vcmcACgkQYmRes19oaorL0RAAlat7HxzTaFhnBnOYcZZbh0fMezusmep1
a133B/lri0C0OlSoLLDNvOjJQrVbfyfUyEXJnFtq4+TsCaFs5mJ73YPK+yXcUJf1
55RmyfT0yYL2tK8WKCVLMy4UC8JbC2hmB7GBzk8eHjQ7h3W8eTNQkM54C+bGCFyK
hfc7OJmPOe44gujvCVqLded1b4mxPF0UYYLFVSyYI4A73KIlmn3z0UW4z305iWUK
+fTHi/YQ1wdHT0Mhicu+WaCFsNAA1Em445s2H2TcXxy7S1zV/QYkG4SsUJwDpni/
g5q/8p64fYhwAh8PNNU1i8JhS3gCz/Nzdj9ugoP6Z9pVv1HBWuJUeaAgX28QAP0t
7tc8Rq/aF5LPFviVAdfi3xSe3WPyznZ7DuhC5ua2nfVQmyxLy/sINfQ+RDGBtevi
CPUO4bKY4lhcPfvTRY4wEpEEBQXilleuq/om2zLhmII5L3rKME1mIob/+Dc4GcWi
mMz9HNMDfyIbN/eIW8YaGANajInzORRtpjRDHSs7lVR52C93Zu2RpDoZY7a4E58J
DywhHOvZpKlExSwmsTGr9++hoXb2IKxo81oce1XTcS/WOUDuNOkEXlozDDZXevRg
tg6Lekh55NjVdBkHMmYhr2ND6PHcOrEEL34ByxeXatSqXY3/Cn5gnw4uydZHPR6Z
ivVJZ79LEoU=
=UprW
-----END PGP SIGNATURE-----
Reply to: