New upstream release 15.7a, fixing CVE-2009-014815.7a-1

1 files changed, 7 insertions, 3 deletions

diff --git a/contrib/webcscope/cscope b/contrib/webcscope/cscope
index 7d98fce..1ed2e5c 100755
--- a/contrib/webcscope/cscope
+++ b/contrib/webcscope/cscope
@@ -1,6 +1,6 @@
-#!/bin/perl
+#!/usr/bin/perl
 
-# $Id: cscope,v 1.1 2001/06/29 14:20:16 petr Exp $
+# $Id: cscope,v 1.2 2007/01/07 12:34:01 broeker Exp $
 #
 # WebCscope: A web interface to the cscope application
 # Copyright (C) 2001, Ragho Mahalingam <ragho@mahalingam.com>
@@ -22,6 +22,9 @@
 # Change History:
 # 
 # $Log: cscope,v $
+# Revision 1.2  2007/01/07 12:34:01  broeker
+# Direct attention to security issues with webcscope.
+#
 # Revision 1.1  2001/06/29 14:20:16  petr
 # Added webcscope to contribs.
 #
@@ -375,6 +378,7 @@ sub PrintForm {
 	print &HtmlTop ("Web-CScope");
 
 	print <<ENDOFTEXTA;
+<p style="color:red">Be aware that this webfrontend is insecure and allows viewing ALL apache readable files, including your configuration!</p>   
 Select an operation below and enter a symbol, function or text to search in
 the database.  The active version is $version.  Input is case-sensitive,
 so if your search returns no results, check the case and the symbol name.<hr>
@@ -431,7 +435,7 @@ ENDOFTEXT2
 sub Feedback {
 
   $feedback  = "<font size=-1>";
-  $feedback .= '$Id: cscope,v 1.1 2001/06/29 14:20:16 petr Exp $<br>';
+  $feedback .= '$Id: cscope,v 1.2 2007/01/07 12:34:01 broeker Exp $<br>';
   $feedback .= "$comment{name}<i>&lt;";
   $feedback .= "<a href=\"mailto:$comment{email}\">";
   $feedback .= "$comment{email}</a>&gt;</i></font>";