Jeremy Stanley 8500dcf394 Patch acme.sh/4659 for arbitrary command execution
Temporarily cherry-pick the commits which fix "acme.sh runs
arbitrary commands from a remote server"
https://github.com/acmesh-official/acme.sh/issues/4659 as trivial
backports on top of their 3.0.5 release until such time as we can
upgrade. This addresses a remote code execution vulnerability (no
CVE assigned yet) which could be exploited by the ACME protocol
operator, in our case the admins of the Let's Encrypt certificate
authority.

Change-Id: Ib052901a7aa08a9fdbd01d623f4b5d3eee938401
2023-06-11 20:41:11 +00:00
..
2020-02-12 16:39:11 +11:00
2022-05-05 08:36:20 -07:00
2020-11-20 19:13:32 +11:00
2023-02-13 23:54:59 +00:00
2023-05-03 14:42:08 -07:00
2022-06-28 18:41:17 +10:00
2023-04-19 09:53:10 +10:00
2020-04-16 12:45:36 -05:00
2022-09-28 14:22:58 -07:00
2022-05-04 13:08:28 -07:00
2023-05-12 10:10:50 -07:00
2018-08-23 21:34:42 +10:00
2022-09-22 15:06:46 -07:00
2023-06-03 07:07:02 -07:00