The Dockerfile compiler doesn't currently escape any config values when writing its instructions to the buffer. This may cause unexpected breakage and should also be considered a vulnerability open to instruction injection. Let's escape these values.
Description
Description
Revisions and Commits
Revisions and Commits
rGBLBR Blubber | |||
D705 | rGBLBR3ad2c475d963 Escape docker output |
Event Timeline
Restricted Application added a project: Release-Engineering-Team (Kanban). · View Herald TranscriptJun 15 2017, 6:25 PM
thcipriani moved this task from Backlog to In-progress on the Release-Engineering-Team (Kanban) board.Jun 26 2017, 4:37 PM
thcipriani closed this task as Resolved by committing rGBLBR3ad2c475d963: Escape docker output.Jul 11 2017, 3:56 PM
Phabricator_maintenance edited projects, added RelEng-Archive-FY201718-Q1; removed Release-Engineering-Team (Kanban).Sep 26 2017, 11:45 PM