← Back to branch summary

~ubuntu-branches/ubuntu/hardy/mailman/hardy-updates

« back to all changes in this revision

Viewing changes to debian/patches/04_CAN-2005-0202.dpatch

  • Committer: Bazaar Package Importer
  • Author(s): Martin Pitt
  • Date: 2006-07-03 16:59:25 UTC
  • mfrom: (1.1.1 upstream)
  • Revision ID: james.westby@ubuntu.com-20060703165925-175ubna955u796c0
Tags: 0:2.1.8-1ubuntu1
* Merge to Debian; remaining Ubuntu changes:
  - debian/mailman.init: Create /var/{run,lock}/mailman.
  - debian/control: exim4 -> postfix.
* debian/control: Dependency fix: apache -> apache2.

Show diffs side-by-side

added added

removed removed

Lines of Context:
debian/patches/04_CAN-2005-0202.dpatch
1
 
#!/bin/sh -e
2
 
## 04_CAN-2005-0202.dpatch by  <martin.pitt@ubuntu.com>
3
 
##
4
 
## All lines beginning with `## DP:' are a description of the patch.
5
 
## DP: No description.
6
 
 
7
 
[ -f debian/patches/00patch-opts ] && . debian/patches/00patch-opts
8
 
patch_opts="${patch_opts:--f --no-backup-if-mismatch ${2:+-d $2}}"
9
 
 
10
 
if [ $# -lt 1 ]; then
11
 
    echo >&2 "`basename $0`: script expects -patch|-unpatch as argument"
12
 
    exit 1
13
 
fi
14
 
case "$1" in
15
 
    -patch) patch $patch_opts -p1 < $0;;
16
 
    -unpatch) patch $patch_opts -p1 -R < $0;;
17
 
    *)
18
 
        echo >&2 "`basename $0`: script expects -patch|-unpatch as argument"
19
 
        exit 1;;
20
 
esac
21
 
 
22
 
exit 0
23
 
@DPATCH@
24
 
diff -urNad mailman-2.1.5/Mailman/Cgi/private.py /tmp/dpep.URxxJG/mailman-2.1.5/Mailman/Cgi/private.py
25
 
--- mailman-2.1.5/Mailman/Cgi/private.py        2003-02-08 08:13:50.000000000 +0100
26
 
+++ /tmp/dpep.URxxJG/mailman-2.1.5/Mailman/Cgi/private.py       2005-02-09 12:49:59.245112000 +0100
27
 
@@ -39,10 +39,8 @@
28
 
 
29
 
 def true_path(path):
30
 
     "Ensure that the path is safe by removing .."
31
 
-    path = path.replace('../', '')
32
 
-    path = path.replace('./', '')
33
 
-    return path[1:]
34
 
-
35
 
+    parts = [x for x in path.split('/') if x not in ('.', '..')]
36
 
+    return '/'.join(parts)[1:]
37
 
 
38
 
 
39
 
 def guess_type(url, strict):