[security][3.3] bpo-30730: Prevent environment variables injection in subprocess on Windows. (GH-2325) by serhiy-storchaka · Pull Request #2363 · python/cpython
Navigation Menu
{{ message }}
- Notifications You must be signed in to change notification settings
- Fork 34.5k
Merged
ned-deily merged 4 commits intopython:3.3from
Jul 19, 2017Conversation
Copy link Copy Markdown
Member
serhiy-storchaka
commented
Jun 23, 2017
serhiy-storchaka
commented
Prevent passing other invalid environment variables and command arguments..
(cherry picked from commit d174d24)
the-knights-who-say-ni
added
the
CLA signed
label
Copy link Copy Markdown
mention-bot
commented
Jun 23, 2017
mention-bot commented
Jun 23, 2017@serhiy-storchaka, thanks for your PR! By analyzing the history of the files in this pull request, we identified @gvanrossum, @gpshead and @tim-one to be potential reviewers.
…s on Windows. (pythonGH-2325) Prevent passing other invalid environment variables and command arguments.. (cherry picked from commit d174d24)
serhiy-storchaka
force-pushed
the
backport-d174d24-3.3
branch
from
b414d61 to
84bfcb8
Compare
vstinner
changed the title
[3.3] bpo-30730: Prevent environment variables injection in subprocess on Windows. (GH-2325)
[security][3.3] bpo-30730: Prevent environment variables injection in subprocess on Windows. (GH-2325)
vstinner approved these changes Jun 28, 2017
vstinner
requested a review
from ned-deily
serhiy-storchaka added 2 commits
July 1, 2017 08:15
vstinner
mentioned this pull request
ned-deily
merged commit
e46f1c1
into
python:3.3
ned-deily
removed their request for review
serhiy-storchaka
deleted the
backport-d174d24-3.3
branch
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters. Learn more about bidirectional Unicode characters
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment