SOURCES: apache-mod_perl-path_info_secfix.patch (NEW) - fix path_i...
radek
radek at pld-linux.org
Fri Mar 23 14:04:05 CET 2007
Author: radek Date: Fri Mar 23 13:04:05 2007 GMT
Module: SOURCES Tag: HEAD
---- Log message:
- fix path_info related security issue
---- Files affected:
SOURCES:
apache-mod_perl-path_info_secfix.patch (NONE -> 1.1) (NEW)
---- Diffs:
================================================================
Index: SOURCES/apache-mod_perl-path_info_secfix.patch
diff -u /dev/null SOURCES/apache-mod_perl-path_info_secfix.patch:1.1
--- /dev/null Fri Mar 23 14:04:05 2007
+++ SOURCES/apache-mod_perl-path_info_secfix.patch Fri Mar 23 14:03:59 2007
@@ -0,0 +1,11 @@
+--- ModPerl-Registry/lib/ModPerl/RegistryCooker.pm~ 2006-11-20 00:31:41.000000000 +0100
++++ ModPerl-Registry/lib/ModPerl/RegistryCooker.pm 2007-03-23 14:01:52.606187672 +0100
+@@ -337,7 +337,7 @@
+ my $self = shift;
+
+ my $path_info = $self->{REQ}->path_info;
+- my $script_name = $path_info && $self->{URI} =~ /$path_info$/
++ my $script_name = $path_info && $self->{URI} =~ /\Q$path_info\E$/
+ ? substr($self->{URI}, 0, length($self->{URI}) - length($path_info))
+ : $self->{URI};
+
================================================================
More information about the pld-cvs-commit
mailing list