current/SOURCES/python-werkzeug-0.11.10-CVE-2016-10516.patch

From 1034edc7f901dd645ec6e462754111b39002bd65 Mon Sep 17 00:00:00 2001
From: Your Name <neargle@outlook.com>
Date: Wed, 31 Aug 2016 16:00:55 +0800
Subject: [PATCH] fix XSS in debugger

Fix #1001
---
 werkzeug/debug/tbtools.py | 2 +-
 1 files changed, 1 insertions(+), 1 deletion(-)

diff --git a/werkzeug/debug/tbtools.py b/werkzeug/debug/tbtools.py
index 42f9d928d..2ee4718cb 100644
--- a/werkzeug/debug/tbtools.py
+++ b/werkzeug/debug/tbtools.py
@@ -358,7 +358,7 @@ def render_full(self, evalex=False, secret=None,
             'exception':        exc,
             'exception_type':   escape(self.exception_type),
             'summary':          self.render_summary(include_title=False),
-            'plaintext':        self.plaintext,
+            'plaintext':        escape(self.plaintext),
             'plaintext_cs':     re.sub('-{2,}', '-', self.plaintext),
             'traceback_id':     self.id,
             'secret':           secret
1	luigiwalser	1186890	From 1034edc7f901dd645ec6e462754111b39002bd65 Mon Sep 17 00:00:00 2001
2			From: Your Name <neargle@outlook.com>
3			Date: Wed, 31 Aug 2016 16:00:55 +0800
4			Subject: [PATCH] fix XSS in debugger
5
6			Fix #1001
7			---
8			werkzeug/debug/tbtools.py \| 2 +-
9			1 files changed, 1 insertions(+), 1 deletion(-)
10
11			diff --git a/werkzeug/debug/tbtools.py b/werkzeug/debug/tbtools.py
12			index 42f9d928d..2ee4718cb 100644
13			--- a/werkzeug/debug/tbtools.py
14			+++ b/werkzeug/debug/tbtools.py
15			@@ -358,7 +358,7 @@ def render_full(self, evalex=False, secret=None,
16			'exception': exc,
17			'exception_type': escape(self.exception_type),
18			'summary': self.render_summary(include_title=False),
19			- 'plaintext': self.plaintext,
20			+ 'plaintext': escape(self.plaintext),
21			'plaintext_cs': re.sub('-{2,}', '-', self.plaintext),
22			'traceback_id': self.id,
23			'secret': secret