Diffstat (limited to 'main/patchwork/CVE-2019-13122.patch')
-rw-r--r--main/patchwork/CVE-2019-13122.patch18
1 files changed, 18 insertions, 0 deletions
diff --git a/main/patchwork/CVE-2019-13122.patch b/main/patchwork/CVE-2019-13122.patch
new file mode 100644
index 0000000000..3210c14cf1
--- /dev/null
+++ b/main/patchwork/CVE-2019-13122.patch
@@ -0,0 +1,18 @@
+diff --git a/patchwork/templatetags/patch.py b/patchwork/templatetags/patch.py
+index c65bd5e..9a447bc 100644
+--- a/patchwork/templatetags/patch.py
++++ b/patchwork/templatetags/patch.py
+@@ -21,6 +21,7 @@
+ from __future__ import absolute_import
+
+ from django import template
++from django.utils.html import escape
+ from django.utils.safestring import mark_safe
+ from django.template.defaultfilters import stringfilter
+
+@@ -65,4 +66,4 @@ def state_class(state):
+ @register.filter
+ @stringfilter
+ def msgid(value):
+- return mark_safe(value.strip('<>'))
++ return escape(value.strip('<>'))
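Review bot: The embedded patch begins directly at `diff --git a/patchwork/templatetags/patch.py` with no header, so only the filename ties the `mark_safe` to `escape` change in `msgid` to the advisory or to its upstream origin. I would add a short header above that line, for example `Fixes CVE-2019-13122: msgid filter marked the unescaped Message-ID as safe` followed by `Upstream: <UPSTREAM_COMMIT_URL>`; patch tools ignore text before the first `diff` line. `escape()` only provides HTML escaping, so a template that places this filter's output inside a URL would presumably still need URL encoding; the templates are not visible here, so that is worth confirming. As rendered, the two body lines of `msgid` carry a single space of indentation; if that is in the file and not a display artefact, the second hunk will not match the upstream source and the patch will fail to apply.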