From owner-cvs-all  Mon Oct 29 23:26:30 2001
Delivered-To: cvs-all@freebsd.org
Received: from freefall.freebsd.org (freefall.FreeBSD.org [216.136.204.21])
	by hub.freebsd.org (Postfix) with ESMTP
	id D598637B406; Mon, 29 Oct 2001 23:26:27 -0800 (PST)
Received: (from kuriyama@localhost)
	by freefall.freebsd.org (8.11.4/8.11.4) id f9U7QRG82469;
	Mon, 29 Oct 2001 23:26:27 -0800 (PST)
	(envelope-from kuriyama)
Message-Id: <200110300726.f9U7QRG82469@freefall.freebsd.org>
From: Jun Kuriyama <kuriyama@FreeBSD.org>
Date: Mon, 29 Oct 2001 23:26:27 -0800 (PST)
To: cvs-committers@FreeBSD.org, cvs-all@FreeBSD.org
Subject: cvs commit: www/en/cgi search.cgi
X-FreeBSD-CVS-Branch: HEAD
Sender: owner-cvs-all@FreeBSD.ORG
Precedence: bulk
List-ID: <cvs-all.FreeBSD.ORG>
List-Archive: <http://docs.freebsd.org/mail/> (Web Archive)
List-Help: <mailto:majordomo@FreeBSD.ORG?subject=help> (List Instructions)
List-Subscribe: <mailto:majordomo@FreeBSD.ORG?subject=subscribe%20cvs-all>
List-Unsubscribe: <mailto:majordomo@FreeBSD.ORG?subject=unsubscribe%20cvs-all>
X-Loop: FreeBSD.ORG

kuriyama    2001/10/29 23:26:27 PST

  Modified files:
    en/cgi               search.cgi 
  Log:
  Prevent cross-site-scripting by escaping input text.
  
  Pointed out by:	"Benjamin Krueger" <roo@ufies.org>
  Reference:	http://securityfocus.com/cgi-bin/archive.pl?id=1&mid=220101&start=2001-10-09&end=2001-10-15
  
  Revision  Changes    Path
  1.22      +2 -1      www/en/cgi/search.cgi

To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe cvs-all" in the body of the message