The Dockerfile compiler doesn't currently escape any config values when writing its instructions to the buffer. This may cause unexpected breakage and should also be considered a vulnerability open to instruction injection. Let's escape these values.
Description
Description
Revisions and Commits
Revisions and Commits
rGBLBR Blubber | |||
D705 | rGBLBR3ad2c475d963 Escape docker output |
Event Timeline
Restricted Application added a project: Release-Engineering-Team (Kanban). · View Herald TranscriptJun 15 2017, 6:25 PM2017-06-15 18:25:39 (UTC+0)
thcipriani moved this task from Backlog to In-progress on the Release-Engineering-Team (Kanban) board.Jun 26 2017, 4:37 PM2017-06-26 16:37:31 (UTC+0)
thcipriani closed this task as Resolved by committing rGBLBR3ad2c475d963: Escape docker output.Jul 11 2017, 3:56 PM2017-07-11 15:56:22 (UTC+0)
• Phabricator_maintenance edited projects, added RelEng-Archive-FY201718-Q1; removed Release-Engineering-Team (Kanban).Sep 26 2017, 11:45 PM2017-09-26 23:45:30 (UTC+0)