diff options
| author | Vanilla I. Shu <vanilla@FreeBSD.org> | 2015-11-19 05:57:25 +0000 |
|---|---|---|
| committer | Vanilla I. Shu <vanilla@FreeBSD.org> | 2015-11-19 05:57:25 +0000 |
| commit | 21b9da16e2557d7d40a39ccabe7ebb96bd754e4c (patch) | |
| tree | 2ab600954a35c329b9bb5c2724d955411e6e864a /www | |
| parent | e022bb88566714047fdd35529588678a73324bbd (diff) | |
Notes
Diffstat (limited to 'www')
| -rw-r--r-- | www/twiki/files/patch-cve-2014-7236 | 17 |
1 files changed, 0 insertions, 17 deletions
diff --git a/www/twiki/files/patch-cve-2014-7236 b/www/twiki/files/patch-cve-2014-7236 deleted file mode 100644 index 3c8f0797b855..000000000000 --- a/www/twiki/files/patch-cve-2014-7236 +++ /dev/null @@ -1,17 +0,0 @@ -Obtained-from: http://twiki.org/cgi-bin/view/Codev/SecurityAlert-CVE-2014-7236 ---- lib/TWiki/Plugins.pm.save1 2014-01-09 02:10:56.000000000 -0500 -+++ lib/TWiki/Plugins.pm 2014-10-01 20:30:36.000000000 -0400 -@@ -186,8 +186,11 @@ - - unless( $allDisabled ) { - if ( $query && defined( $query->param( 'debugenableplugins' ))) { -- @pluginList = split( /[,\s]+/, -- $query->param( 'debugenableplugins' )); -+ @pluginList = -+ grep { /Plugin$/ } -+ map { s/[^a-zA-Z0-9]//go; $_ } # Item7558: Sanitize parameter -+ split( /[,\s]+/, $query->param( 'debugenableplugins' )); -+ - } else { - if( $TWiki::cfg{PluginsOrder} ) { - foreach my $plugin( split( /[,\s]+/, |