Merge branch 'ah/fix-open-with-stdin'

This addresses CVE-2025-27614, Arbitrary command execution with Gitk:

A Git repository can be crafted in such a way that with some social
engineering a user who has cloned the repository can be tricked into
running any script (e.g., Bourne shell, Perl, Python, ...) supplied by
the attacker by invoking `gitk filename`, where `filename` has a
particular structure. The script is run with the privileges of the user.

* ah/fix-open-with-stdin:
  gitk: encode arguments correctly with "open"

Signed-off-by: Johannes Sixt <j6t@kdbg.org>

0 files changed, 0 insertions, 0 deletions