From 911aae05b5d3ffd2543333e27cf06778381c7b3c Mon Sep 17 00:00:00 2001
From: Tobias Klauser <tklauser@distanz.ch>
Date: Sat, 23 May 2009 15:14:45 +0200
Subject: New upstream release 15.7a, fixing CVE-2009-0148

---
 contrib/webcscope/cscope | 10 +++++++---
 1 file changed, 7 insertions(+), 3 deletions(-)

(limited to 'contrib/webcscope/cscope')

diff --git a/contrib/webcscope/cscope b/contrib/webcscope/cscope
index 7d98fce..1ed2e5c 100755
--- a/contrib/webcscope/cscope
+++ b/contrib/webcscope/cscope
@@ -1,6 +1,6 @@
-#!/bin/perl
+#!/usr/bin/perl
 
-# $Id: cscope,v 1.1 2001/06/29 14:20:16 petr Exp $
+# $Id: cscope,v 1.2 2007/01/07 12:34:01 broeker Exp $
 #
 # WebCscope: A web interface to the cscope application
 # Copyright (C) 2001, Ragho Mahalingam <ragho@mahalingam.com>
@@ -22,6 +22,9 @@
 # Change History:
 # 
 # $Log: cscope,v $
+# Revision 1.2  2007/01/07 12:34:01  broeker
+# Direct attention to security issues with webcscope.
+#
 # Revision 1.1  2001/06/29 14:20:16  petr
 # Added webcscope to contribs.
 #
@@ -375,6 +378,7 @@ sub PrintForm {
 	print &HtmlTop ("Web-CScope");
 
 	print <<ENDOFTEXTA;
+<p style="color:red">Be aware that this webfrontend is insecure and allows viewing ALL apache readable files, including your configuration!</p>   
 Select an operation below and enter a symbol, function or text to search in
 the database.  The active version is $version.  Input is case-sensitive,
 so if your search returns no results, check the case and the symbol name.<hr>
@@ -431,7 +435,7 @@ ENDOFTEXT2
 sub Feedback {
 
   $feedback  = "<font size=-1>";
-  $feedback .= '$Id: cscope,v 1.1 2001/06/29 14:20:16 petr Exp $<br>';
+  $feedback .= '$Id: cscope,v 1.2 2007/01/07 12:34:01 broeker Exp $<br>';
   $feedback .= "$comment{name}<i>&lt;";
   $feedback .= "<a href=\"mailto:$comment{email}\">";
   $feedback .= "$comment{email}</a>&gt;</i></font>";
-- 
cgit v1.2.3-54-g00ecf