Get Gentoo!
gentoo.org sites
gentoo.org Wiki Bugs Forums Packages
Planet Archives Sources
Infra Status
summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorTom Knight <tomk@gentoo.org>2007-08-19 20:32:39 +0000
committerTom Knight <tomk@gentoo.org>2007-08-19 20:32:39 +0000
commite2bd7e7a1f995c385f1657db7086cf88089e8a64 (patch)
tree9a30a8ecd02d82c9cb366fc8f0f19483df59f653
parenthomepage_update: c.execute = (... Yeah, that should have been c.execute(... (diff)
downloadgentoo-v1_3.tar.gz
gentoo-v1_3.tar.bz2
gentoo-v1_3.zip
Prevent command execution vulnerabilities, bug 187971v1_3
Diffstat
-rw-r--r--src/packages/mksite.py6
1 files changed, 3 insertions, 3 deletions
diff --git a/src/packages/mksite.py b/src/packages/mksite.py
index 9849b1be1e..7e3561bb70 100644
--- a/src/packages/mksite.py
+++ b/src/packages/mksite.py
@@ -155,7 +155,7 @@ def main():
open(config.LOCALHOME + '/ebuilds/index.shtml', 'w').write(
index.replace(
'<!--#include virtual="main.shtml"-->',
- '<!--#exec cmd="./query_ebuild.py $QUERY_STRING" -->')
+ '<!--#exec cmd="export QUERY_STRING;./query_ebuild.py" -->')
)
# /feeds
@@ -190,7 +190,7 @@ def main():
# /search
open(config.LOCALHOME + '/search/index.shtml', 'w').write(
index.replace('<!--#include virtual="main.shtml"-->',
- '<!--#exec cmd="./search.py $QUERY_STRING" -->'
+ '<!--#exec cmd="export QUERY_STRING;./search.py" -->'
)
)
@@ -202,7 +202,7 @@ def main():
# /similar
open(config.LOCALHOME + '/similar/index.shtml', 'w').write(
index.replace('<!--#include virtual="main.shtml"-->',
- '<!--#exec cmd="./similar.py $QUERY_STRING" -->'
+ '<!--#exec cmd="export QUERY_STRING;./similar.py" -->'
)
)