current/SOURCES/python-werkzeug-0.11.10-CVE-2016-10516.patch

From 1034edc7f901dd645ec6e462754111b39002bd65 Mon Sep 17 00:00:00 2001
From: Your Name <neargle@outlook.com>
Date: Wed, 31 Aug 2016 16:00:55 +0800
Subject: [PATCH] fix XSS in debugger

Fix #1001
---
 werkzeug/debug/tbtools.py | 2 +-
 1 files changed, 1 insertions(+), 1 deletion(-)

diff --git a/werkzeug/debug/tbtools.py b/werkzeug/debug/tbtools.py
index 42f9d928d..2ee4718cb 100644
--- a/werkzeug/debug/tbtools.py
+++ b/werkzeug/debug/tbtools.py
@@ -358,7 +358,7 @@ def render_full(self, evalex=False, secret=None,
             'exception':        exc,
             'exception_type':   escape(self.exception_type),
             'summary':          self.render_summary(include_title=False),
-            'plaintext':        self.plaintext,
+            'plaintext':        escape(self.plaintext),
             'plaintext_cs':     re.sub('-{2,}', '-', self.plaintext),
             'traceback_id':     self.id,
             'secret':           secret
1	From 1034edc7f901dd645ec6e462754111b39002bd65 Mon Sep 17 00:00:00 2001
2	From: Your Name <neargle@outlook.com>
3	Date: Wed, 31 Aug 2016 16:00:55 +0800
4	Subject: [PATCH] fix XSS in debugger
5
6	Fix #1001
7	---
8	werkzeug/debug/tbtools.py \| 2 +-
9	1 files changed, 1 insertions(+), 1 deletion(-)
10
11	diff --git a/werkzeug/debug/tbtools.py b/werkzeug/debug/tbtools.py
12	index 42f9d928d..2ee4718cb 100644
13	--- a/werkzeug/debug/tbtools.py
14	+++ b/werkzeug/debug/tbtools.py
15	@@ -358,7 +358,7 @@ def render_full(self, evalex=False, secret=None,
16	'exception': exc,
17	'exception_type': escape(self.exception_type),
18	'summary': self.render_summary(include_title=False),
19	- 'plaintext': self.plaintext,
20	+ 'plaintext': escape(self.plaintext),
21	'plaintext_cs': re.sub('-{2,}', '-', self.plaintext),
22	'traceback_id': self.id,
23	'secret': secret