SecBSD/ports
2
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

SecBSD's official ports repository

Browse source
This commit is contained in:
purplerain 2023-08-16 22:26:55 +00:00
commit 2c0afcbbf3
Signed by: purplerain
GPG key ID: F42C07F07E2E35B7
64331 changed files with 5339189 additions and 0 deletions
Download patch file Download diff file Expand all files Collapse all files

26
sysutils/backuppc/patches/patch-lib_BackupPC_CGI_View_pm Normal file
View file

@ -0,0 +1,26 @@
First chunk:
Security fix for SA46615
BackupPC "num" Cross-Site Scripting Vulnerability
From http://patches.ubuntu.com/b/backuppc/backuppc_3.2.1-1ubuntu2.patch
--- lib/BackupPC/CGI/View.pm.orig Sun Apr 14 22:43:32 2013
+++ lib/BackupPC/CGI/View.pm Tue Dec 3 22:53:53 2013
@@ -46,7 +46,7 @@ sub action
my $compress = 0;
my $fh;
my $host = $In{host};
- my $num = $In{num};
+ my $num = ${EscHTML($In{num})};
my $type = $In{type};
my $linkHosts = 0;
my($file, $comment);
@@ -89,7 +89,7 @@ sub action
$file = $bpc->ConfDir() . "/hosts";
$linkHosts = 1;
} elsif ( $type eq "docs" ) {
- $file = $bpc->InstallDir() . "/doc/BackupPC.html";
+ $file = $bpc->InstallDir() . "/share/doc/backuppc/BackupPC.html";
} elsif ( $host ne "" ) {
if ( !defined($In{num}) ) {
# get the latest LOG file