github
/
notepad-plus-plus
mirror of https://github.com/notepad-plus-plus/notepad-plus-plus
1
0
Fork 0
Code Issues Projects Releases Wiki Activity
notepad-plus-plus/PowerEditor/installer
History
Don Ho 686bf4fba1 Fix security flaw issue 
There's a security flaw for the un-installation of Notepad++ in Windows Register, the string without quotes:
C:\Program Files\Notepad++\uninstall.exe, whereas it should be "C:\Program Files\Notepad++\uninstall.exe".
The reason is, hacker can create a file called c:\program.exe, then Windows could interpret Files\Notepad++\uninstall.exe as the argument, so the system could run c:\program.exe. Ref:
https://isc.sans.edu/diary/Help+eliminate+unquoted+path+vulnerabilities/14464

Fixed by @ozone10:

Fix #10191, fix #6165, close #10369
 		2021-08-13 13:49:40 +02:00
..
APIs Add latest ES/JS keywords for auto-completion 2021-07-14 21:35:03 +02:00
bin
filesForTesting Add global regex unitTest via UDL way 2021-07-07 03:37:43 +02:00
functionList Fix Python Function List not showing functions 2021-05-11 23:48:22 +02:00
images Notepad++ 7.6.2 release Gilet Jaune Edition 2019-01-01 02:46:17 +01:00
nativeLang Update german.xml to v8.1.2 2021-08-03 19:44:57 +02:00
nsisInclude Fix security flaw issue 2021-08-13 13:49:40 +02:00
themes Switch to default dark theme as dark mode is enabled 2021-05-10 09:56:35 +02:00
nppSetup.nsi Fix ARM64 installer copying binaries to 32-bits applications' folder 2021-04-22 02:47:18 +02:00
packageAll.bat Add Markdown UDL of dark mode in release packages 2021-08-08 03:22:15 +02:00