| | > Is there any detailed information about the bug that
> was addressed in v3.42-3.
Depending on the usage, it can be a minor or important issue.
The bug only impact the commandline arg parsing, and therefore the risk is
generally null (except if you want to attack your own machine), when using
httrack as a normal program.
However, if you generate a commandline from an external source, such as
automatic mirroring from a CGI application, or if the URL is injected by any
other external source to mirror automatically, it ca be a security risk.
| |
