diff options
Diffstat (limited to 'doc/security.mdwn')
-rw-r--r-- | doc/security.mdwn | 2 |
1 files changed, 1 insertions, 1 deletions
diff --git a/doc/security.mdwn b/doc/security.mdwn index ba3eac187..200ae29e2 100644 --- a/doc/security.mdwn +++ b/doc/security.mdwn @@ -420,7 +420,7 @@ later that day, in version 2.70. The fix was backported to testing as version ## Insufficient blacklisting in teximg plugin -Josh Tripplet discovered on 28 Aug 2009 that the teximg plugin's +Josh Triplett discovered on 28 Aug 2009 that the teximg plugin's blacklisting of insecure TeX commands was insufficient; it could be bypassed and used to read arbitrary files. This was fixed by enabling TeX configuration options that disallow unsafe TeX commands. |