xonsh/news/fix_sql_injection_in_history_delete.rst
Łukasz Langa c1e9186fe3
Fix SQL injection in history delete on the sqlite backend (#5799)
* Fix SQL injection in history delete on the sqlite backend

Also, return a value from history delete on the sqlite backend. Otherwise the
command always responded with "Deleted None entries from history".

Also, use XH_SQLITE_TABLE_NAME consistently across xonsh.history.sqlite.
Before, most of the calls used the variable, but part of them hard-coded the
table name.

* Add news entry

* Fix ReST syntax in changelog entry
2025-02-26 00:54:59 +06:00

7 lines
260 B
ReStructuredText

**Security:**

* The ``history delete`` action on the sqlite backend used to
  pass matched history lines to a SQL statement without sanitization.
  This could lead to unexpected SQL being run on the history database.
  This is now fixed. Security risk: low.
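
The bug class this entry describes, as an added example that is not xonsh's own code: a delete that pastes a matched history line into the SQL text, next to one that binds it as a parameter and returns the number of deleted rows. The table name ``demo_history``, the one-column ``inp`` schema, the sample lines and all function names are assumptions made for the illustration.

```python
import sqlite3

# Constructed name; stands in for the constant XH_SQLITE_TABLE_NAME. A table
# name cannot be a bound parameter, so it must be a fixed value, never input.
TABLE_NAME = "demo_history"

# Constructed sample history; one line contains SQL metacharacters.
SAMPLE = ["ls -la", "echo hi", "echo ' OR '1'='1", "git status"]


def make_db(lines):
    """Build an in-memory history table (assumed one-column schema)."""
    conn = sqlite3.connect(":memory:")
    conn.execute(f"CREATE TABLE {TABLE_NAME} (inp TEXT)")
    conn.executemany(
        f"INSERT INTO {TABLE_NAME} (inp) VALUES (?)", [(line,) for line in lines]
    )
    return conn


def delete_unsafe(conn, matched):
    """'Before' shape: each matched line is pasted into the SQL text."""
    deleted = 0
    for inp in matched:
        cur = conn.execute(f"DELETE FROM {TABLE_NAME} WHERE inp = '{inp}'")
        deleted += cur.rowcount
    return deleted


def delete_safe(conn, matched):
    """'After' shape: the line is bound as data and the count is returned."""
    deleted = 0
    for inp in matched:
        cur = conn.execute(f"DELETE FROM {TABLE_NAME} WHERE inp = ?", (inp,))
        deleted += cur.rowcount
    return deleted


def remaining(conn):
    """Return the history lines still stored, in insertion order."""
    rows = conn.execute(f"SELECT inp FROM {TABLE_NAME} ORDER BY rowid")
    return [row[0] for row in rows]


if __name__ == "__main__":
    matched = [line for line in SAMPLE if "OR" in line]  # one matching line
    for delete in (delete_unsafe, delete_safe):
        conn = make_db(SAMPLE)
        print(delete.__name__, delete(conn, matched), remaining(conn))
```

With the interpolated statement, the one matched line changes the ``WHERE`` clause and every row is removed; with the bound parameter only that line is deleted.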