forked from pool/munin
This commit is contained in:
Git OBS Bridge
parent
81056ada02
commit
c3e80bde33
@ -1,29 +0,0 @@
|
||||
From: Tomaž Šolc <tomaz.solc@tablix.org>
|
||||
Date: Tue, 21 Feb 2017 14:42:26 +0100
|
||||
Subject: CVE-2017-6188: munin-cgi-graph local file write vulnerability
|
||||
References: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=855705
|
||||
boo#1026539
|
||||
Upstream: https://github.com/munin-monitoring/munin/issues/721
|
||||
|
||||
Index: munin-2.0.25/master/_bin/munin-cgi-graph.in
|
||||
===================================================================
|
||||
--- munin-2.0.25.orig/master/_bin/munin-cgi-graph.in
|
||||
+++ munin-2.0.25/master/_bin/munin-cgi-graph.in
|
||||
@@ -447,13 +447,13 @@ sub draw_graph {
|
||||
'--output-file', $filename );
|
||||
|
||||
# Sets the correct size on a by_graph basis
|
||||
- push @params, "--size_x", CGI::param("size_x")
|
||||
+ push @params, "--size_x", scalar CGI::param("size_x")
|
||||
if (defined(CGI::param("size_x")));
|
||||
- push @params, "--size_y", CGI::param("size_y")
|
||||
+ push @params, "--size_y", scalar CGI::param("size_y")
|
||||
if (defined(CGI::param("size_y")));
|
||||
- push @params, "--upper_limit", CGI::param("upper_limit")
|
||||
+ push @params, "--upper_limit", scalar CGI::param("upper_limit")
|
||||
if (CGI::param("upper_limit"));
|
||||
- push @params, "--lower_limit", CGI::param("lower_limit")
|
||||
+ push @params, "--lower_limit", scalar CGI::param("lower_limit")
|
||||
if (CGI::param("lower_limit"));
|
||||
|
||||
# Sometimes we want to set the IMG size, and not the canvas.
|
||||
Loading…
Reference in New Issue
Block a user