Package: clearsilver / 0.10.5-4

CVE-2011-4357.diff Patch series | download
1
2
3
4
5
6
7
8
9
10
11
--- a/python/neo_cgi.c
+++ b/python/neo_cgi.c
@@ -178,7 +178,7 @@
   if (!PyArg_ParseTuple(args, "s:error(str)", &s))
     return NULL;

-  cgi_error (cgi, s);
+  cgi_error (cgi, "%s", s);
   rv = Py_None;
   Py_INCREF(rv);
   return rv;