Welcome, Guest. Please login or register.
Did you miss your activation email?


Login with username, password and session length

Search

 
Advanced search

8043 Posts in 1856 Topics- by 2099 Members - Latest Member: roi
« previous next »
Pages: [1]   Go Down
Print
Author Topic: security hack  (Read 288 times)
0 Members and 1 Guest are viewing this topic.
codezilla
New Member
*

Karma: 0
Offline Offline

Posts: 0


WWW
« on: December 08, 2004, 08:48:00 PM »
Hello,  I'm running a heavily customized version of CalendarScript 3.2 and need to patch the famous security hole.  It will be MUCH easier to patch the script manually, or so I hope.  However, when I ran a diff on calendar.pl 3.2 and 3.21 upgrade, I found no change (my calendar_admin.pl is already upgraded to 3.21, so no problem there).  Can somebody tell me what lines to change?  I assume it's a matter of some input validation?
Logged
codezilla
New Member
*

Karma: 0
Offline Offline

Posts: 0


WWW
« Reply #1 on: December 08, 2004, 08:52:00 PM »
Here's the diff:  

line 62
unless (-e $template_file) { &FATALERROR(&getMessage("TEMPLATE_FILE_DOES_NOT_EXIST")); }


is that it?
Logged
Pages: [1]   Go Up
Print
« previous next »
Jump to: