[Patches] [PATCH] [3.2.x] Bug 6629 vulnerability fix

koha-patchbot at kohaaloha.com koha-patchbot at kohaaloha.com
Fri Nov 25 20:45:03 NZDT 2011


From: Chris Cormack <chrisc at catalyst.net.nz>
Date: Fri, 25 Nov 2011 20:43:02 +1300
Subject: [PATCH] [3.2.x] Bug 6629 vulnerability fix

---
 C4/Output.pm |    1 +
 1 files changed, 1 insertions(+), 0 deletions(-)

diff --git a/C4/Output.pm b/C4/Output.pm
index a6cb984..11024d7 100644
--- a/C4/Output.pm
+++ b/C4/Output.pm
@@ -160,6 +160,7 @@ sub themelanguage {
       if $http_accept_language;
     # But, if there's a cookie set, obey it
     $lang = $query->cookie('KohaOpacLanguage') if (defined $query and $query->cookie('KohaOpacLanguage'));
+    $lang =~ s/[^a-zA-Z_-]*//; 
     # Fall back to English
     my @languages;
     if ($interface eq 'intranet') {
-- 
1.7.5.4


More information about the Patches mailing list