[Pkg-sass-devel] Bug#870186: Bug#870186: libsass: CVE-2017-11608
Jonas Smedegaard
jonas at jones.dk
Mon Mar 11 12:49:36 GMT 2019
Quoting Jonas Smedegaard (2019-03-11 13:43:41)
> POC on Debian stretch with libsass1 3.4.3-1 and sassc 3.4.2-1:
>
> Error: Invalid UTF-8 sequence
> on line 1 of /attachment.cgi?id=1303540
> >> "�d\
> -^
Correction: Aboce was with libsass1 3.5.5-2 and sassc 3.5.0-1.
- Jonas
--
* Jonas Smedegaard - idealist & Internet-arkitekt
* Tlf.: +45 40843136 Website: http://dr.jones.dk/
[x] quote me freely [ ] ask before reusing [ ] keep private
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 833 bytes
Desc: signature
URL: <http://alioth-lists.debian.net/pipermail/pkg-sass-devel/attachments/20190311/5753d3f1/attachment.sig>
More information about the pkg-sass-devel
mailing list