New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Fix CVE command injection #15
Fix CVE command injection #15
Conversation
tomtaylor
commented
Nov 22, 2022
•
edited
edited
- Use Open3 to prevent command injection, fixing https://github.com/affix/CVE-2022-36231
- Fix Title metadata
- Fix tests
pdfinfo seems to be able to parse this file now, so let's remove this test.
|
I currently am the only owner of this Rubygem, but am unable to write to this repo since leaving Newspaper Club many years ago. I'd like to get this fix merged and released and transfer ownership to someone who can manage this project. Is that you @Michael-Kurt or @jaisoncoelho? If not, I'll fork the repo. |
|
Hi @tomtaylor! You can assign that PR/fix to @jaisoncoelho for review and merge. Thanks for reaching out. |
|
Thanks @Michael-Kurt - unfortunately I'm not able to assign anything in this repo. |
|
No problem. I will assign it. Thanks @tomtaylor |
|
@tomtaylor I'd like to thank you for let us aware regarding the CVE. |