kolan
/
CMake
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity
CMake/Help/release
History
Justin Clift 11768733d3 NSIS: Quote uninstaller path when executing it in a shell 
Protect our `$0` reference in the shell as `"$0"`.  Otherwise it works
with a space in the path only due to an insecure Windows feature.

Prior to this fix, any installer using the option added by commit
v2.8.9~234^2 (Added CPACK_NSIS_ENABLE_UNINSTALL_BEFORE_INSTALL,
2011-06-11) exposes a local privilege escalation vulnerability.

Reported-by: Amir Szekely <kichik@gmail.com>
Reported-by: Ug_0 Security
 		2016-07-21 10:05:46 -04:00
..
3.0.rst Help: Rename 3.x.0 release notes to 3.x 2015-02-05 09:50:56 -05:00
3.1.rst Help: Rename 3.x.0 release notes to 3.x 2015-02-05 09:50:56 -05:00
3.2.rst Merge topic 'private-FindJsonCpp' 2015-02-23 10:26:30 -05:00
3.3.rst Windows-GNU: Restore find_library treatment of '.dll' as linkable (#15409) 2015-06-08 10:16:18 -04:00
3.4.rst Help: Add release note about compile rule placeholder changes (#15787) 2015-10-13 11:44:59 -04:00
3.5.rst CMakeForceCompiler: De-deprecate until more use cases have alternatives 2016-02-17 09:15:18 -05:00
3.6.rst NSIS: Quote uninstaller path when executing it in a shell 2016-07-21 10:05:46 -04:00
dev.txt Help: Add documents to collect notes between releases 2014-02-04 11:48:54 -05:00
index.rst Help: Drop development topic notes to prepare release 2016-06-01 10:55:45 -04:00