munin/CVE-2017-6188-fix-parameter-injection.patch

From: Tomaž Šolc <tomaz.solc@tablix.org>
Date: Tue, 21 Feb 2017 14:42:26 +0100
Subject: CVE-2017-6188: munin-cgi-graph local file write vulnerability
References: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=855705
            boo#1026539
Upstream: https://github.com/munin-monitoring/munin/issues/721

Index: munin-2.0.25/master/_bin/munin-cgi-graph.in
===================================================================
--- munin-2.0.25.orig/master/_bin/munin-cgi-graph.in
+++ munin-2.0.25/master/_bin/munin-cgi-graph.in
@@ -447,13 +447,13 @@ sub draw_graph {
 		   '--output-file', $filename );
 
     # Sets the correct size on a by_graph basis
-    push @params, "--size_x", CGI::param("size_x")
+    push @params, "--size_x", scalar CGI::param("size_x")
       if (defined(CGI::param("size_x")));
-    push @params, "--size_y", CGI::param("size_y")
+    push @params, "--size_y", scalar CGI::param("size_y")
       if (defined(CGI::param("size_y")));
-    push @params, "--upper_limit", CGI::param("upper_limit")
+    push @params, "--upper_limit", scalar CGI::param("upper_limit")
       if (CGI::param("upper_limit"));
-    push @params, "--lower_limit", CGI::param("lower_limit")
+    push @params, "--lower_limit", scalar CGI::param("lower_limit")
       if (CGI::param("lower_limit"));
 
     # Sometimes we want to set the IMG size, and not the canvas.