system-config

History

Jeremy Stanley 8500dcf394 Patch acme.sh/4659 for arbitrary command execution Temporarily cherry-pick the commits which fix "acme.sh runs arbitrary commands from a remote server" https://github.com/acmesh-official/acme.sh/issues/4659 as trivial backports on top of their 3.0.5 release until such time as we can upgrade. This addresses a remote code execution vulnerability (no CVE assigned yet) which could be exploited by the ACME protocol operator, in our case the admins of the Let's Encrypt certificate authority. Change-Id: Ib052901a7aa08a9fdbd01d623f4b5d3eee938401	2023-06-11 20:41:11 +00:00
..
main.yaml	Patch acme.sh/4659 for arbitrary command execution	2023-06-11 20:41:11 +00:00

Jeremy Stanley 8500dcf394 Patch acme.sh/4659 for arbitrary command execution

Temporarily cherry-pick the commits which fix "acme.sh runs
arbitrary commands from a remote server"
https://github.com/acmesh-official/acme.sh/issues/4659 as trivial
backports on top of their 3.0.5 release until such time as we can
upgrade. This addresses a remote code execution vulnerability (no
CVE assigned yet) which could be exploited by the ACME protocol
operator, in our case the admins of the Let's Encrypt certificate
authority.

Change-Id: Ib052901a7aa08a9fdbd01d623f4b5d3eee938401

2023-06-11 20:41:11 +00:00

main.yaml

Patch acme.sh/4659 for arbitrary command execution

2023-06-11 20:41:11 +00:00