Skip to content

[3.6] bpo-30730: Prevent environment variables injection in subprocess on Windows. (GH-2325) #2360

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Merged
merged 1 commit into from
Jun 23, 2017

Conversation

serhiy-storchaka
Copy link
Member

Prevent passing other invalid environment variables and command arguments..
(cherry picked from commit d174d24)

…s on Windows. (pythonGH-2325)

Prevent passing other invalid environment variables and command arguments..
(cherry picked from commit d174d24)
@serhiy-storchaka serhiy-storchaka added the type-security A security issue label Jun 23, 2017
@serhiy-storchaka serhiy-storchaka merged commit e713575 into python:3.6 Jun 23, 2017
@serhiy-storchaka serhiy-storchaka deleted the backport-d174d24-3.6 branch June 23, 2017 17:20
ned-deily pushed a commit to ned-deily/cpython that referenced this pull request Jul 7, 2017
…s on Windows. (pythonGH-2325) (python#2360)

Prevent passing other invalid environment variables and command arguments..
(cherry picked from commit d174d24)
(cherry picked from commit e713575)
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
Projects
None yet
Development

Successfully merging this pull request may close these issues.

2 participants