Sign Up
Log In
Log In
or
Sign Up
Places
All Projects
Status Monitor
Collapse sidebar
openSUSE:Leap:42.3
munin
CVE-2017-6188-fix-parameter-injection.patch
Overview
Repositories
Revisions
Requests
Users
Attributes
Meta
File CVE-2017-6188-fix-parameter-injection.patch of Package munin
From: Tomaž Šolc <tomaz.solc@tablix.org> Date: Tue, 21 Feb 2017 14:42:26 +0100 Subject: CVE-2017-6188: munin-cgi-graph local file write vulnerability References: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=855705 boo#1026539 Upstream: https://github.com/munin-monitoring/munin/issues/721 Index: munin-2.0.25/master/_bin/munin-cgi-graph.in =================================================================== --- munin-2.0.25.orig/master/_bin/munin-cgi-graph.in +++ munin-2.0.25/master/_bin/munin-cgi-graph.in @@ -447,13 +447,13 @@ sub draw_graph { '--output-file', $filename ); # Sets the correct size on a by_graph basis - push @params, "--size_x", CGI::param("size_x") + push @params, "--size_x", scalar CGI::param("size_x") if (defined(CGI::param("size_x"))); - push @params, "--size_y", CGI::param("size_y") + push @params, "--size_y", scalar CGI::param("size_y") if (defined(CGI::param("size_y"))); - push @params, "--upper_limit", CGI::param("upper_limit") + push @params, "--upper_limit", scalar CGI::param("upper_limit") if (CGI::param("upper_limit")); - push @params, "--lower_limit", CGI::param("lower_limit") + push @params, "--lower_limit", scalar CGI::param("lower_limit") if (CGI::param("lower_limit")); # Sometimes we want to set the IMG size, and not the canvas.
Locations
Projects
Search
Status Monitor
Help
OpenBuildService.org
Documentation
API Documentation
Code of Conduct
Contact
Support
@OBShq
Terms
openSUSE Build Service is sponsored by
The Open Build Service is an
openSUSE project
.
Sign Up
Log In
Places
Places
All Projects
Status Monitor