--- cgiirc-0.5.9.orig/debian/control
+++ cgiirc-0.5.9/debian/control
@@ -0,0 +1,19 @@
+Source: cgiirc
+Section: net
+Priority: extra
+Maintainer: Damián Viano <des@debian.org>
+Build-Depends: debhelper (>= 5.0.0), dpatch
+Standards-Version: 3.7.2
+
+Package: cgiirc
+Architecture: any
+Depends: apache | httpd-cgi, ${perl:Depends}, ${shlibs:Depends}
+Description: web based irc client
+ CGI:IRC is a Perl/CGI program that allows you to use IRC
+ from a Web browser without having to have access to an
+ IRC port. It does not use Java, but it does need a browser
+ capable of rendering frames. It can be used on a Web page
+ to allow users to chat and can also be used to access chat
+ from behind a firewall.
+ .
+ Homepage: http://cgiirc.sourceforge.net/
--- cgiirc-0.5.9.orig/debian/compat
+++ cgiirc-0.5.9/debian/compat
@@ -0,0 +1 @@
+5
--- cgiirc-0.5.9.orig/debian/watch
+++ cgiirc-0.5.9/debian/watch
@@ -0,0 +1,4 @@
+# This is a uscan(1) watch file
+version=3
+
+http://sf.net/cgiirc/cgiirc-(.*).tar.gz
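Review bot: The watch line fetches upstream tarballs over plain `http://` and the file has no signature-verification option, so nothing authenticates what uscan downloads. Prefer an https download location. If upstream publishes detached signatures (not evident from this page), add uscan's `pgpsigurlmangle` option together with the upstream key. The pattern `cgiirc-(.*).tar.gz` also leaves its dots unescaped; `cgiirc-(.+)\.tar\.gz` is tighter.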
--- cgiirc-0.5.9.orig/debian/README.Debian
+++ cgiirc-0.5.9/debian/README.Debian
@@ -0,0 +1,37 @@
+cgiirc for Debian
+-----------------
+
+CGI:IRC is a Perl/CGI program that allows you to use IRC from a Web
+browser without having to have access to an IRC port. It does not
+use Java, but it does need a browser capable of rendering frames.
+It can be used on a Web page to allow users to chat and can also be
+used to access chat from behind a firewall.
+
+Homepage: http://cgiirc.sourceforge.net/
+
+To enable cgiirc usage you should symlink /usr/share/cgiirc/www in your
+document root, i.e.: (assuming your document root is /var/www)
+
+ ln -s /usr/share/cgiirc/www /var/www/cgiirc
+
+After that you should be able to access your cgiirc installation as i.e:
+
+ http://localhost/cgiirc/
+
+Debian cgiirc has it's configuration files in:
+ * /etc/cgiirc
+
+You should probably take a look at that since, by default, only localhost
+access to cgiirc is allowed. You would probably also like to configure different
+default servers and/or channels.
+
+You can find a list of all configuration options in:
+ * /usr/share/doc/cgiirc/examples/cgiirc.config.full.gz
+
+You can switch to a less-overhead (but architecture-specific)
+cgi by changing `script_form = client-perl.cgi' to
+`script_form = client.cgi' in /etc/cgiirc/cgiirc.config
+
+Perhaps you also like the following tools shipped with cgiirc:
+ * /usr/share/cgiirc/decode.pl
+ * /usr/share/cgiirc/viewconnects.pl
--- cgiirc-0.5.9.orig/debian/cgiirc.install
+++ cgiirc-0.5.9/debian/cgiirc.install
@@ -0,0 +1,11 @@
+*.cgi usr/lib/cgi-bin/cgiirc/
+modules usr/share/cgiirc/
+interfaces usr/share/cgiirc/
+images/* usr/share/images/cgiirc/
+formats etc/cgiirc/
+
+debian/index.html usr/share/cgiirc/www
+
+debian/etc/* etc/cgiirc/
+
+docs/*.pl usr/share/cgiirc/
--- cgiirc-0.5.9.orig/debian/index.html
+++ cgiirc-0.5.9/debian/index.html
@@ -0,0 +1,25 @@
+<?xml version="1.0"?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
+ "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+ <link rel="SHORTCUT ICON" href="/images/cgiirc/favicon.ico" />
+ <meta HTTP-EQUIV="Refresh" Content="0; URL=/cgi-bin/cgiirc/irc.cgi" />
+ <title>CGI:IRC</title>
+ <style type="text/css">
+ body { background-color:#ffffff; color:#000000; }
+ a { text-decoration: none; }
+ a:link { color:#000000; }
+ a:visited { color:#000000; }
+ a:active { color:#000000; }
+ </style>
+</head>
+<body bgcolor="#ffffff" text="#000000" link="#000000" vlink="#000000" alink="#000000">
+ <p>
+ <a href="/cgi-bin/cgiirc/irc.cgi">
+ You will be automatically redirected or click to start
+ <img border="0" align="middle" src="/images/cgiirc/cgiirc.gif" alt="CGI:IRC" />
+ </a>
+ </p>
+</body>
+</html>
--- cgiirc-0.5.9.orig/debian/changelog
+++ cgiirc-0.5.9/debian/changelog
@@ -0,0 +1,121 @@
+cgiirc (0.5.9-3squeeze1) stable-security; urgency=high
+
+ * Non-maintainer upload by The Security Team.
+ * Fixed XSS flaw in handling clients who have Javascript disabled.
+ [CVE-2011-0050]
+
+ -- Steve Kemp <skx@debian.org> Wed, 2 Feb 2011 08:09:10 +0000
+
+cgiirc (0.5.9-3) unstable; urgency=low
+
+ * Cleaned up some of the leftovers of the images/ directory move trusting
+ fully on the /images/ alias given by policy 11.5.3 (Closes: #423688)
+ * Changes recommended by the draft webapp policy
+ + Moved index.html to /usr/share/cgiirc/www
+ + Moved modules and interfaces to /usr/share/cgiirc adding
+ - debian/patches/01_modules_location.dpatch
+ - debian/patches/02_interfaces_location.dpatch
+ * Removed pointless restrictions on /etc/cgiirc
+
+ -- Damián Viano <des@debian.org> Wed, 16 May 2007 22:44:37 -0300
+
+cgiirc (0.5.9-2) unstable; urgency=low
+
+ * Fix postinst by moving chgrp and chmod to build-time
+ * Cleanup debian/rules
+
+ -- Damián Viano <debian@damianv.com.ar> Sat, 30 Sep 2006 00:15:44 -0300
+
+cgiirc (0.5.9-1) unstable; urgency=high
+
+ * New maintainer
+ * New upstream release (Closes: #296114)
+ + Fixed security-related bug (CVE-2006-2148), and thus set
+ urgency=high (Closes: #365680)
+ * Debian specific patches removed (they are all dated or applied):
+ + 50_allow-port
+ + 50_select-and-input
+ + 50_viewconnects-times
+ + 50_decode-cmdline
+ + 50_http-client_ip
+ + 50_multiple-ipaccess+always-close-ipaccess
+ + 50_reconnect-link
+ + 60_config-in-etc.after.multiple-ipaccess
+ + 60_select-and-input-mine
+ + 70_select-table-ie-fix
+ * Rewrote copyright file
+ + Added copyright information for modules/IRC/UniqueHash.pm
+ + Correctly differentiate between copyright and license (Closes: #338181)
+ * Updated watch file
+ * Updated standards version to 3.7.2
+ + moved images to /usr/share/images/cgiirc
+ + added dependency on httpd-cgi and removed redundant recommends
+ * Updated compat level for debhelper to 5
+
+ -- Damián Viano <debian@damianv.com.ar> Mon, 19 Jun 2006 19:44:44 -0300
+
+cgiirc (0.5.4-6) unstable; urgency=low
+
+ * Mario
+ + typo in *index.html
+ * Elrond
+ + add debian/watch
+ + add 50_reconnect-link.dpatch by Pabs <pabs@zip.to>
+ to create link back to login page at /quit
+ (Closes: #268794)
+ * Mario and Elrond
+ + fixup our advanced input boxes for IE (heavy work!)
+ + Add warnings not to change debian specific settings
+ like image_path (closes: #264598)
+
+ -- Mario Holbe <debian-cgiirc@Wunder-Nett.org> Mon, 8 Nov 2004 14:11:52 +0100
+
+cgiirc (0.5.4-5) unstable; urgency=low
+
+ * README.Debian by Mario Holbe
+ * Generate README.patches from dpatch cat-all
+ * Patch to let decode.pl take cmdline args by Mario Holbe
+ * Change Maintainer address
+ * ACK for wnpp (Closes: #202187)
+
+ -- Mario Holbe <debian-cgiirc@Wunder-Nett.org> Mon, 26 Jul 2004 23:01:08 +0200
+
+cgiirc (0.5.4-4) unstable; urgency=low
+
+ * Fix lintian warnings:
+ - Add /etc/cgiirc/formats/* as conffiles.
+ - Recommend a real "httpd"-package (apache).
+ * update select-and-input patches and split them into two parts.
+
+ -- Elvenlord Elrond <elrond+debian.org@samba-tng.org> Sat, 19 Jun 2004 21:33:21 +0200
+
+cgiirc (0.5.4-3) unstable; urgency=low
+
+ * Fix permissions on /etc/cgiirc: The config can contain
+ a password.
+ * Do not install interfaces/interface-make, it's not
+ needed, and
+ - Yielded a lintian warning.
+ - Adds unnecessary stuff in cgi-bin.
+ * Read config from /etc/cgiirc or the old place. Let's us
+ kill the symlink in the old place.
+ * Recommends: httpd, decode.pl can be used standalone.
+ * Add multi-ipaccess patch.
+ * Add 50_viewconnects-times.dpatch.
+ * Do not any more install .htaccess in usr/lib/cgi-bin/cgiirc/, we
+ don't have the config there any more.
+
+ -- Elvenlord Elrond <elrond+debian.org@samba-tng.org> Fri, 18 Jun 2004 22:19:47 +0200
+
+cgiirc (0.5.4-2) unstable; urgency=low
+
+ * Add .htaccess from upstream to cgi-bin
+ * Add redirecting index.html to /var/www/cgiirc/ and images/.
+
+ -- Elvenlord Elrond <elrond+debian.org@samba-tng.org> Wed, 16 Jun 2004 21:20:33 +0200
+
+cgiirc (0.5.4-1) unstable; urgency=low
+
+ * Initial release
+
+ -- Elvenlord Elrond <elrond+debian.org@samba-tng.org> Tue, 15 Jun 2004 20:32:10 +0200
--- cgiirc-0.5.9.orig/debian/copyright
+++ cgiirc-0.5.9/debian/copyright
@@ -0,0 +1,52 @@
+This package was debianized by Elrond <elrond+debian.org@samba-tng.org> and
+Mario Holbe <Mario.Holbe@RZ.TU-Ilmenau.DE> and is currently maintained by
+Damián Viano <des@debian.org>.
+
+It was downloaded from http://cgiirc.sourceforge.net/download/
+
+Upstream Author: David Leadbeater
+
+Copyright:
+
+ For CGI:IRC
+
+ Copyright 2002-2004 David Leadbeater <cgiirc@dgl.cx>
+
+ For modules/IRC/UniqueHash.pm
+
+ Copyright 1999 Jay F. Kominek <jay.kominek@colorado.edu>
+
+Licence:
+
+ For CGI:IRC
+
+ This program is free software; you can redistribute it and/or modify
+ it under the terms of the GNU General Public License as published by
+ the Free Software Foundation; either version 2 of the License, or
+ (at your option) any later version.
+
+ This program is distributed in the hope that it will be useful,
+ but WITHOUT ANY WARRANTY; without even the implied warranty of
+ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ GNU General Public License for more details.
+
+ On Debian GNU/Linux systems, the complete text of the GNU General
+ Public License version 2 can be found in `/usr/share/common-licenses'.
+
+ For modules/IRC/UniqueHash.pm
+
+ Use, modification and distribution is allowed without limitation, warranty,
+ or liability of any kind, with the single exception that you may not distribute
+ a derived work of this work under a license more restrictive than this and at
+ the same time describe that work as "free software" in its documentation,
+ source code, or license.
+
+ The above copyright notice and this permission notice shall be included in
+ all copies or substantial portions of the Software.
+
+ THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+ IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+ FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+ AUTHOR BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN
+ AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN
+ CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
--- cgiirc-0.5.9.orig/debian/rules
+++ cgiirc-0.5.9/debian/rules
@@ -0,0 +1,57 @@
+#!/usr/bin/make -f
+
+include /usr/share/dpatch/dpatch.make
+
+build: patch
+ dh_testdir
+ cc -g -O2 -Wall -o client.cgi client.c
+ chmod +x docs/*.pl
+
+clean: unpatch
+ dh_testdir
+ dh_testroot
+ rm -rf client.cgi
+ dh_clean
+
+DESTDIR = debian/cgiirc
+install: build
+ dh_testdir
+ dh_testroot
+ dh_clean -k
+
+ dh_install
+# dh_link usr/share/images/cgiirc \
+ var/www/cgiirc/images
+ rm -rf ${DESTDIR}/usr/share/cgiirc/interfaces/interface-make
+
+binary-indep:
+ # Nothing
+
+binary-arch: build install
+ dh_testdir -a
+ dh_testroot -a
+ dh_installchangelogs -a docs/CHANGES
+ dh_installdocs -a \
+ README \
+ docs/TODO \
+ docs/*.html \
+ debian/README.Debian
+ dh_installexamples -a \
+ cgiirc.config* \
+ ipaccess* \
+ docs/identd.xinetd
+ dh_strip -a
+ dh_compress -a
+ dh_fixperms -a -X /etc/cgiirc
+ dh_installdeb -a
+ dh_perl -a /usr/share/cgiirc
+ dh_shlibdeps -a
+ dh_gencontrol -a
+ dh_md5sums -a
+ dh_builddeb -a
+
+
+binary: binary-indep binary-arch
+
+
+.PHONY: binary binary-arch binary-indep clean build patch unpatch
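Review bot: `dh_fixperms -a -X /etc/cgiirc` in binary-arch exempts everything under /etc/cgiirc from permission normalisation, yet nothing in this rules file sets a mode or group on those files. The changelog records that the config can contain a password (0.5.4-3) and that the restrictions on /etc/cgiirc were later removed (0.5.9-3), so the exclusion looks like a leftover. As written, the files ship with whatever modes the build tree happens to have. Either drop `-X /etc/cgiirc` so the modes are deterministic, or set them explicitly in the install target with a comment such as `# cgiirc.config may hold a password; keep it unreadable for other users`.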
--- cgiirc-0.5.9.orig/debian/etc/cgiirc.config
+++ cgiirc-0.5.9/debian/etc/cgiirc.config
@@ -0,0 +1,22 @@
+# CGI:IRC configuration file.
+#
+# Check /usr/share/doc/cgiirc/examples/cgiirc.config.full.gz
+# for more details.
+# Take care about applying debian-specific settings like
+# `image_path' if you intend to just copy it!
+
+default_server = irc.debian.org
+default_port = 6667
+default_channel = #cgiirc
+default_name = CGI:IRC User
+default_nick=CGI???
+
+# Don't change these, they're specific to Debian:
+image_path = /images/cgiirc
+# -----------------------------------------------
+
+script_nph = nph-irc.cgi
+script_form = client-perl.cgi
+script_login = irc.cgi
+
+ip_access_file = ipaccess
--- cgiirc-0.5.9.orig/debian/etc/ipaccess
+++ cgiirc-0.5.9/debian/etc/ipaccess
@@ -0,0 +1,7 @@
+# CGI:IRC ipaccess file. (For CGI:IRC versions from 0.5.3).
+#
+# Check /usr/share/doc/cgiirc/examples/ipaccess.example
+# for more details.
+#
+# Safe default configuration: Access only for localnet.
+127.0.0.0/8
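Review bot: The comment on the default entry says "Access only for localnet", but `127.0.0.0/8` is the loopback range, so only clients on the same host are admitted. An administrator reading "localnet" may expect LAN clients to work, or may widen the list further than intended when they do not. Suggested wording: `# Safe default configuration: access only from this host (loopback).`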
--- cgiirc-0.5.9.orig/debian/patches/01_modules_location.dpatch
+++ cgiirc-0.5.9/debian/patches/01_modules_location.dpatch
@@ -0,0 +1,53 @@
+#! /bin/sh /usr/share/dpatch/dpatch-run
+## 01_modules_location.dpatch by Damián Viano <des@debian.org>
+##
+## All lines beginning with `## DP:' are a description of the patch.
+## DP: Patch to change some paths according to the move of modules to
+## DP: /usr/share/cgiirc
+
+@DPATCH@
+diff -urNad cgiirc-0.5.9~/client-perl.cgi cgiirc-0.5.9/client-perl.cgi
+--- cgiirc-0.5.9~/client-perl.cgi 2006-04-30 13:09:28.000000000 -0300
++++ cgiirc-0.5.9/client-perl.cgi 2007-05-16 21:54:34.000000000 -0300
+@@ -18,7 +18,7 @@
+ # Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
+
+ use strict;
+-use lib qw/modules/;
++use lib qw,/usr/share/cgiirc/modules,;
+ use vars qw($VERSION $PREFIX);
+
+ # change this if needed
+diff -urNad cgiirc-0.5.9~/irc.cgi cgiirc-0.5.9/irc.cgi
+--- cgiirc-0.5.9~/irc.cgi 2006-06-06 15:53:50.000000000 -0300
++++ cgiirc-0.5.9/irc.cgi 2007-05-16 21:55:07.000000000 -0300
+@@ -22,7 +22,7 @@
+
+ use strict;
+ use vars qw($VERSION $config $config_path);
+-use lib qw/modules interfaces/;
++use lib qw,/usr/share/cgiirc/modules /usr/share/cgiirc/interfaces,;
+ no warnings 'uninitialized';
+
+ ($VERSION =
+diff -urNad cgiirc-0.5.9~/nph-irc.cgi cgiirc-0.5.9/nph-irc.cgi
+--- cgiirc-0.5.9~/nph-irc.cgi 2006-06-06 15:50:12.000000000 -0300
++++ cgiirc-0.5.9/nph-irc.cgi 2007-05-16 21:55:52.000000000 -0300
+@@ -22,7 +22,7 @@
+
+ require 5.004;
+ use strict;
+-use lib qw{./modules ./interfaces};
++use lib qw{/usr/share/cgiirc/modules /usr/share/cgiirc/interfaces};
+ use vars qw(
+ $VERSION @handles %inbuffer $select_bits @output
+ $unixfh $ircfh $cookie $ctcptime $intime $pingtime
+@@ -472,7 +472,7 @@
+ sub load_interface {
+ my $name = defined $cgi->{interface} ? $cgi->{interface} : 'default';
+ ($name) = $name =~ /([a-z0-9]+)/i;
+- require("./interfaces/$name.pm");
++ require("$name.pm");
+
+ $ioptions = parse_interface_cookie();
+ for(keys %$config) {
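Review bot: In the nph-irc.cgi hunk, `require("$name.pm")` now resolves the name through all of @INC instead of a fixed directory, so the `interface` value selects any top-level module Perl can find, not only files under interfaces/. The `/([a-z0-9]+)/i` capture keeps path separators out, but it is the only restriction left, and `$name` is undef when it does not match. `$cgi->{interface}` is presumably request-supplied; its origin is outside the hunk. Pinning the directory keeps the earlier containment: `require("/usr/share/cgiirc/interfaces/$name.pm");`, preceded by `die "bad interface" unless defined $name;`. load_interface continues past the end of the hunk.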
--- cgiirc-0.5.9.orig/debian/patches/02_interfaces_location.dpatch
+++ cgiirc-0.5.9/debian/patches/02_interfaces_location.dpatch
@@ -0,0 +1,59 @@
+#! /bin/sh /usr/share/dpatch/dpatch-run
+## 02_interfaces_location.dpatch by Damián Viano <des@debian.org>
+##
+## All lines beginning with `## DP:' are a description of the patch.
+## DP: Change the path of the interfaces better following webapp policy.
+## DP: Note that this could also have been generated with the provided
+## DP: generator script for interfaces, but given the trivial of the patch, I
+## DP: opted to do it this way rather than regenerating the interfaces on
+## DP: every build
+
+@DPATCH@
+diff -urNad cgiirc-0.5.9~/interfaces/ie.pm cgiirc-0.5.9/interfaces/ie.pm
+--- cgiirc-0.5.9~/interfaces/ie.pm 2006-05-01 06:55:46.000000000 -0300
++++ cgiirc-0.5.9/interfaces/ie.pm 2007-05-16 22:43:19.000000000 -0300
+@@ -197,7 +197,7 @@
+ my($self, $cgi, $config) = @_;
+ my $style = $cgi->{style} || 'default';
+ $cgi->{style} =~ s/[^a-z]//gi;
+- open(STYLE, "<interfaces/style-$style.css") or die("Error opening stylesheet $style: $!");
++ open(STYLE, "</usr/share/cgiirc/interfaces/style-$style.css") or die("Error opening stylesheet $style: $!");
+ print <STYLE>;
+ close(STYLE);
+ }
+diff -urNad cgiirc-0.5.9~/interfaces/konqueror.pm cgiirc-0.5.9/interfaces/konqueror.pm
+--- cgiirc-0.5.9~/interfaces/konqueror.pm 2006-05-01 06:55:46.000000000 -0300
++++ cgiirc-0.5.9/interfaces/konqueror.pm 2007-05-16 22:43:09.000000000 -0300
+@@ -197,7 +197,7 @@
+ my($self, $cgi, $config) = @_;
+ my $style = $cgi->{style} || 'default';
+ $cgi->{style} =~ s/[^a-z]//gi;
+- open(STYLE, "<interfaces/style-$style.css") or die("Error opening stylesheet $style: $!");
++ open(STYLE, "</usr/share/cgiirc/interfaces/style-$style.css") or die("Error opening stylesheet $style: $!");
+ print <STYLE>;
+ close(STYLE);
+ }
+diff -urNad cgiirc-0.5.9~/interfaces/mozilla.pm cgiirc-0.5.9/interfaces/mozilla.pm
+--- cgiirc-0.5.9~/interfaces/mozilla.pm 2006-05-01 06:55:46.000000000 -0300
++++ cgiirc-0.5.9/interfaces/mozilla.pm 2007-05-16 22:43:27.000000000 -0300
+@@ -197,7 +197,7 @@
+ my($self, $cgi, $config) = @_;
+ my $style = $cgi->{style} || 'default';
+ $cgi->{style} =~ s/[^a-z]//gi;
+- open(STYLE, "<interfaces/style-$style.css") or die("Error opening stylesheet $style: $!");
++ open(STYLE, "</usr/share/cgiirc/interfaces/style-$style.css") or die("Error opening stylesheet $style: $!");
+ print <STYLE>;
+ close(STYLE);
+ }
+diff -urNad cgiirc-0.5.9~/interfaces/opera7.pm cgiirc-0.5.9/interfaces/opera7.pm
+--- cgiirc-0.5.9~/interfaces/opera7.pm 2006-05-01 06:55:46.000000000 -0300
++++ cgiirc-0.5.9/interfaces/opera7.pm 2007-05-16 22:42:38.000000000 -0300
+@@ -197,7 +197,7 @@
+ my($self, $cgi, $config) = @_;
+ my $style = $cgi->{style} || 'default';
+ $cgi->{style} =~ s/[^a-z]//gi;
+- open(STYLE, "<interfaces/style-$style.css") or die("Error opening stylesheet $style: $!");
++ open(STYLE, "</usr/share/cgiirc/interfaces/style-$style.css") or die("Error opening stylesheet $style: $!");
+ print <STYLE>;
+ close(STYLE);
+ }
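Review bot: In the ie.pm hunk the character filter runs on `$cgi->{style}` after `$style` has already been copied from it, so the `$style` interpolated into the `open` path and the die message is the unfiltered value. The patch rewrites that `open` line but leaves the problem in place, and the same lines appear in the konqueror.pm, mozilla.pm and opera7.pm hunks. Filter the variable that is actually used, `$style =~ s/[^a-z]//gi;`, and avoid echoing the raw value in the error text. The enclosing sub starts above each hunk, so whether `style` is validated earlier cannot be seen here.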
--- cgiirc-0.5.9.orig/debian/patches/00list
+++ cgiirc-0.5.9/debian/patches/00list
@@ -0,0 +1,3 @@
+01_modules_location
+02_interfaces_location
+03_CVE-2011-0050.dpatch
--- cgiirc-0.5.9.orig/debian/patches/03_CVE-2011-0050.dpatch
+++ cgiirc-0.5.9/debian/patches/03_CVE-2011-0050.dpatch
@@ -0,0 +1,19 @@
+#! /bin/sh /usr/share/dpatch/dpatch-run
+## 03_CVE-2011-0050.dpatch by <skx@debian.org>
+##
+## All lines beginning with `## DP:' are a description of the patch.
+## DP: Prevent XSS attack in clients not using javascript.
+
+@DPATCH@
+diff -urNad cgiirc-0.5.9~/interfaces/nonjs.pm cgiirc-0.5.9/interfaces/nonjs.pm
+--- cgiirc-0.5.9~/interfaces/nonjs.pm 2011-02-02 08:55:31.000000000 +0000
++++ cgiirc-0.5.9/interfaces/nonjs.pm 2011-02-02 08:57:12.000000000 +0000
+@@ -192,6 +192,8 @@
+
+ sub fuserlist {
+ my($self, $cgi, $config) = @_;
++ my $r = _escape($cgi->{R});
++
+ print <<EOF;
+ $standardheader
+ <html><head>
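Review bot: The new `my $r = _escape($cgi->{R});` in fuserlist is not used anywhere in the visible hunk, and this is the patch's only hunk, so the heredoc that follows is emitted unchanged. Unless the markup below already interpolates `$r`, the raw `$cgi->{R}` still reaches the page and the fix has no effect. The heredoc body lies past the end of the hunk, so this needs checking against the full nonjs.pm. `_escape` is defined elsewhere; confirm that its encoding matches the context where R is written (HTML attribute versus URL). A regression test asserting that markup characters in R come back encoded in the user-list page would pin the behaviour.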