git.koha-community.org Git - koha.git/commit

]> git.koha-community.org Git - koha.git/commit

projects / koha.git / commit

summary | shortlog | log | commit | commitdiff | tree
(parent: 37b762d) | patch

author	Chris Cormack <chris@bigballofwax.co.nz>
	Sat, 1 Feb 2014 02:06:58 +0000 (15:06 +1300)
committer	Fridolin Somers <fridolin.somers@biblibre.com>
	Thu, 6 Feb 2014 18:59:02 +0000 (19:59 +0100)
commit	3bd50e3547773b73bd7e1d8bc44b37df3e149b39
tree	723ef9c55968c308a605cb291f147be9bc5807b2	tree \| snapshot
parent	37b762db25a998a5105a262759a085c995581728	commit \| diff

Bug 11661: sanitize file names supplied to edithelp.pl

This patch corrects an issue whereby edithelp.pl could
be used to create or modify arbitrary files on the server
with the permissions of the Apache user.

Signed-off-by: Galen Charlton <gmc@esilibrary.com>
Signed-off-by: Jonathan Druart <jonathan.druart@biblibre.com>
Signed-off-by: Galen Charlton <gmc@esilibrary.com>
(cherry picked from commit 7baf02c263a627b1454577b3141a0af4b8f963d1)
Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>

diff | blob | history

Main Koha release repository