From: Axel Beckert <xtaran@users.sourceforge.net>
Date: Thu, 2 Oct 2008 01:05:34 +0000 (+0000)
Subject: Minimal version of Kevin's patch against CVE-2008-2236 (no additional variable $esc_f... 
X-Git-Tag: v2_1_2~3
X-Git-Url: https://git.stderr.nl/gitweb?a=commitdiff_plain;ds=sidebyside;h=a26eb1e0747bd1a3fca04a7aea603232b9793375;hp=a26eb1e0747bd1a3fca04a7aea603232b9793375;p=matthijs%2Fupstream%2Fblosxom.git

Minimal version of Kevin's patch against CVE-2008-2236 (no additional variable $esc_flavour since $flavour should never contain any HTML code and therefore the distinction between escaped and unescaped is not necessary and doesn't make it necessary to change any templates. (We only can change ours.)
---