From owner-cvs-all  Thu Jul 13  2: 1:14 2000
Delivered-To: cvs-all@freebsd.org
Received: from freefall.freebsd.org (freefall.FreeBSD.ORG [204.216.27.21])
	by hub.freebsd.org (Postfix) with ESMTP
	id 3FFC437B66D; Thu, 13 Jul 2000 02:01:11 -0700 (PDT)
	(envelope-from knu@FreeBSD.org)
Received: (from knu@localhost)
	by freefall.freebsd.org (8.9.3/8.9.2) id CAA15477;
	Thu, 13 Jul 2000 02:01:11 -0700 (PDT)
	(envelope-from knu@FreeBSD.org)
Message-Id: <200007130901.CAA15477@freefall.freebsd.org>
From: Akinori MUSHA <knu@FreeBSD.org>
Date: Thu, 13 Jul 2000 02:01:11 -0700 (PDT)
To: cvs-committers@FreeBSD.org, cvs-all@FreeBSD.org
Subject: cvs commit: www/en/cgi cvsweb.cgi
X-FreeBSD-CVS-Branch: HEAD
Sender: owner-cvs-all@FreeBSD.ORG
Precedence: bulk
X-Loop: FreeBSD.ORG

knu         2000/07/13 02:01:11 PDT

  Modified files:
    en/cgi               cvsweb.cgi 
  Log:
  Fix a security hole: Do not pass the input from a user to the shell
  without checking!
  
  Approved by:	kris (as a security officer)
  
  Revision  Changes    Path
  1.44      +17 -11    www/en/cgi/cvsweb.cgi



To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe cvs-all" in the body of the message