c46022660b
Pkgsrc changes: o Apply fix from svn repository to fix an XSS bug in Apache::Status, ref. CVE-2009-0796.
35 lines
1.1 KiB
Text
35 lines
1.1 KiB
Text
$NetBSD: patch-ac,v 1.1 2009/06/15 17:42:04 he Exp $
|
|
|
|
This is revision 761081 from
|
|
http://svn.apache.org/viewvc/perl/modperl/branches/1.x/lib/Apache/Status.pm?view=log&pathrev=761081
|
|
Fixes an XSS bug in Apache::Status, ref. CVE-2009-0796.
|
|
|
|
--- lib/Apache/Status.pm.orig 2005/05/23 01:08:52 177851
|
|
+++ lib/Apache/Status.pm 2009/04/01 21:57:52 761081
|
|
@@ -72,7 +72,7 @@
|
|
$r->print(symdump($r, $newQ->($r), $qs));
|
|
}
|
|
else {
|
|
- my $uri = $r->uri;
|
|
+ my $uri = $r->location;
|
|
$r->print(
|
|
map { qq[<a href="$uri?$_">$status{$_}</a><br>\n] } keys %status
|
|
);
|
|
@@ -140,7 +140,7 @@
|
|
sub status_inc {
|
|
my($r,$q) = @_;
|
|
my(@retval, $module, $v, $file);
|
|
- my $uri = $r->uri;
|
|
+ my $uri = $r->location;
|
|
push @retval, "<table border=1>";
|
|
push @retval,
|
|
"<tr>",
|
|
@@ -198,7 +198,7 @@
|
|
my($r,$q) = @_;
|
|
my(@retval);
|
|
local $_;
|
|
- my $uri = $r->uri;
|
|
+ my $uri = $r->location;
|
|
my $cache = __PACKAGE__->registry_cache;
|
|
push @retval, "<b>Click on package name to see its symbol table</b><p>\n";
|
|
foreach (sort keys %$cache) {
|