urosm
/
ikiwiki
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

* In mercurial backend, untaint ipaddr when using it as the user for the 

commit. Thanks, Alexander Wirt. Closes: #420428
master
joey 2007-04-22 17:45:39 +00:00
parent bad02f2856
commit 1e62d2bc0c
2 changed files with 4 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
IkiWiki/Rcs/mercurial.pm
View File

@ -72,7 +72,7 @@ sub rcs_commit ($$$;$$) { #{{{
$user = possibly_foolish_untaint($user); $user = possibly_foolish_untaint($user);
} }
elsif (defined $ipaddr) { elsif (defined $ipaddr) {
$user = "Anonymous from $ipaddr"; $user = "Anonymous from ".possibly_foolish_untaint($ipaddr);
} }
else { else {
$user = "Anonymous"; $user = "Anonymous";

4
debian/changelog vendored
View File

@ -3,8 +3,10 @@ ikiwiki (1.51) UNRELEASED; urgency=low
* Support setting svnpath to "" for wikis that are rooted at the top of * Support setting svnpath to "" for wikis that are rooted at the top of
their svn repositories, with no trunk directory. their svn repositories, with no trunk directory.
* Minor template improvements by Alessandro. * Minor template improvements by Alessandro.
* In mercurial backend, untaint ipaddr when using it as the user for the
commit. Thanks, Alexander Wirt. Closes: #420428
-- Joey Hess <joeyh@debian.org> Wed, 18 Apr 2007 19:35:29 -0400 -- Joey Hess <joeyh@debian.org> Sun, 22 Apr 2007 13:43:49 -0400
ikiwiki (1.50) unstable; urgency=low ikiwiki (1.50) unstable; urgency=low