Sign Up
Log In
Log In
or
Sign Up
Places
All Projects
Status Monitor
Collapse sidebar
SUSE:SLE-12:Update
cobbler.21408
fix-script-endpoint-security-bug-1030582.patch
Overview
Repositories
Revisions
Requests
Users
Attributes
Meta
File fix-script-endpoint-security-bug-1030582.patch of Package cobbler.21408
Index: cobbler-2.6.6/cobbler/pxegen.py =================================================================== --- cobbler-2.6.6.orig/cobbler/pxegen.py +++ cobbler-2.6.6/cobbler/pxegen.py @@ -1256,9 +1256,16 @@ class PXEGen: else: blended['img_path'] = os.path.join("/images",distro.name) - template = os.path.normpath(os.path.join("/var/lib/cobbler/scripts",script_name)) - if not os.path.exists(template): - return "# script template %s not found" % script_name + scripts_path = "/var/lib/cobbler/scripts" + template = os.path.normpath(os.path.join(scripts_path,script_name)) + + available_scripts = [] + for root, folders, files in os.walk(scripts_path): + for file in files: + available_scripts.append(os.path.join(root, file)) + + if not template in available_scripts: + return "# script %s not found" % script_name template_fh = open(template) template_data = template_fh.read()
Locations
Projects
Search
Status Monitor
Help
OpenBuildService.org
Documentation
API Documentation
Code of Conduct
Contact
Support
@OBShq
Terms
openSUSE Build Service is sponsored by
The Open Build Service is an
openSUSE project
.
Sign Up
Log In
Places
Places
All Projects
Status Monitor