Skip to content

Commit

Permalink
1.7.3
Browse files Browse the repository at this point in the history
  • Loading branch information
substack committed Oct 21, 2021
1 parent 5799416 commit 6a8a899
Show file tree
Hide file tree
Showing 3 changed files with 6 additions and 1 deletion.
4 changes: 4 additions & 0 deletions CHANGELOG.md
View file
Original file line number Diff line number Diff line change
Expand Up @@ -4,6 +4,10 @@ All notable changes to this project will be documented in this file.

This project adheres to [Semantic Versioning](http://semver.org/).

## 1.7.3
* Fix a security issue where the regex for windows drive letters allowed some shell meta-characters
to escape the quoting rules. (CVE-2021-42740)

## 1.7.2
* Fix a regression introduced in 1.6.3. This reverts the Windows path quoting fix. ([144e1c2](https://github.com/substack/node-shell-quote/commit/144e1c20cd57549a414c827fb3032e60b7b8721c))

Expand Down
2 changes: 1 addition & 1 deletion package.json
View file
Original file line number Diff line number Diff line change
@@ -1,7 +1,7 @@
{
"name": "shell-quote",
"description": "quote and parse shell commands",
"version": "1.7.2",
"version": "1.7.3",
"author": {
"name": "James Halliday",
"email": "[email protected]",
Expand Down
1 change: 1 addition & 0 deletions security.md
View file
Original file line number Diff line number Diff line change
@@ -1,6 +1,7 @@
# Security Policy

## Supported Versions

Only the latest major version is supported at any given time.

## Reporting a Vulnerability
Expand Down

0 comments on commit 6a8a899

Please sign in to comment.