All versions of the HTTPie package prior to version 1.0.3 are vulnerable to
Open Redirect that allows an attacker to write an arbitrary file with
supplied filename and content to the current directory, by redirecting a
request from HTTP to a crafted URL pointing to a server in his or hers
Maintainer(s), please cleanup.
Security, please vote.
> Maintainer(s), please cleanup.
Cleanup will be done once the attached pull request is merged by either proxy-maint or the security team.
The bug has been closed via the following commit(s):
Author: Ralph Seichter <firstname.lastname@example.org>
AuthorDate: 2019-12-02 23:20:43 +0000
Commit: Joonas Niilola <email@example.com>
CommitDate: 2019-12-03 14:17:18 +0000
net-misc/httpie: Remove vulnerable ebuild
Package-Manager: Portage-2.3.79, Repoman-2.3.16
Signed-off-by: Ralph Seichter <firstname.lastname@example.org>
Signed-off-by: Joonas Niilola <email@example.com>
net-misc/httpie/Manifest | 1 -
net-misc/httpie/httpie-1.0.2-r1.ebuild | 43 ----------------------------------
2 files changed, 44 deletions(-)
GLSA Vote: No
Repository is clean, all done!