Browse Source
Fixes the following things: 1. Sanitizes log output to prevent an attacker from using a specially crafted POST to add extra lines to the log 2. Simplify a regular expression since "..file" cannot be used to escape the current directory 3. Makes sure directories are consistent 4. Correct logic issues in misc/cronjobs/backup.sh Thanks to Frere Sebastien Marie for catching these issues. Signed-off-by: Robin Sheat <robin@catalyst.net.nz> Signed-off-by: Paul Poulain <paul.poulain@biblibre.com>3.10.x
Jared Camins-Esakov
12 years ago
committed by
Paul Poulain
3 changed files with 14 additions and 5 deletions
Loading…
Reference in new issue