[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

CVS: cvs.openbsd.org: src

To: source-changes_(_at_)_cvs_(_dot_)_openbsd_(_dot_)_org
Subject: CVS: cvs.openbsd.org: src
From: Claudio Jeker <claudio_(_at_)_cvs_(_dot_)_openbsd_(_dot_)_org>
Date: Wed, 10 Oct 2007 07:23:40 -0600 (MDT)

CVSROOT:	/cvs
Module name:	src
Changes by:	claudio_(_at_)_cvs_(_dot_)_openbsd_(_dot_)_org	2007/10/10 07:23:40

Modified files:
	usr.bin/bgplg  : bgplg.c 

Log message:
Limit the allowed characters in a request to [a-zA-Z0-9-_.:/= ] everything
else will cause an "invalid character in input" error.
Fixes xss issue noticed by Anton Karpov.
OK henning@, sthen@

Prev by Date: CVS: cvs.openbsd.org: src
Next by Date: CVS: cvs.openbsd.org: src
Previous by thread: CVS: cvs.openbsd.org: src
Next by thread: CVS: cvs.openbsd.org: src
Index(es):
- Date
- Thread

Visit your host, monkey.org