Hello community,

here is the log from the commit of package yast2-http-server for 
openSUSE:Factory checked in at 2018-12-31 09:43:25
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Comparing /work/SRC/openSUSE:Factory/yast2-http-server (Old)
 and      /work/SRC/openSUSE:Factory/.yast2-http-server.new.28833 (New)
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++

Package is "yast2-http-server"

Mon Dec 31 09:43:25 2018 rev:85 rq:657270 version:4.1.3

Changes:
--------
--- /work/SRC/openSUSE:Factory/yast2-http-server/yast2-http-server.changes      
2018-08-18 00:02:34.670802045 +0200
+++ 
/work/SRC/openSUSE:Factory/.yast2-http-server.new.28833/yast2-http-server.changes
   2018-12-31 09:43:26.914361111 +0100
@@ -1,0 +2,23 @@
+Tue Dec 11 13:04:16 UTC 2018 - [email protected]
+
+- always use absolute path to binaries (bsc#1118291)
+- properly escape shell arguments (bsc#1118291)
+- 4.1.3
+
+-------------------------------------------------------------------
+Sat Nov 24 22:02:56 UTC 2018 - Stasiek Michalski <[email protected]>
+
+- Provide icon with module (boo#1109310)
+- 4.1.2
+
+-------------------------------------------------------------------
+Tue Oct 16 16:15:53 CEST 2018 - [email protected]
+
+- Added license file to spec.
+
+-------------------------------------------------------------------
+Mon Aug 20 13:55:03 CEST 2018 - [email protected]
+
+- Switched license in spec file from SPDX2 to SPDX3 format.
+
+-------------------------------------------------------------------

Old:
----
  yast2-http-server-4.1.1.tar.bz2

New:
----
  yast2-http-server-4.1.3.tar.bz2

++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++

Other differences:
------------------
++++++ yast2-http-server.spec ++++++
--- /var/tmp/diff_new_pack.KWTl9i/_old  2018-12-31 09:43:27.330360771 +0100
+++ /var/tmp/diff_new_pack.KWTl9i/_new  2018-12-31 09:43:27.334360768 +0100
@@ -17,7 +17,7 @@
 
 
 Name:           yast2-http-server
-Version:        4.1.1
+Version:        4.1.3
 Release:        0
 
 BuildRoot:      %{_tmppath}/%{name}-%{version}-build
@@ -49,7 +49,7 @@
 Requires:       yast2-ruby-bindings >= 1.0.0
 
 Summary:        YaST2 - HTTP Server Configuration
-License:        GPL-2.0
+License:        GPL-2.0-only
 Group:          System/YaST
 
 %description
@@ -77,5 +77,7 @@
 %{yast_scrconfdir}/*
 %{yast_agentdir}/*
 %doc %{yast_docdir}
+%{yast_icondir}
+%license COPYING
 
 %changelog

++++++ yast2-http-server-4.1.1.tar.bz2 -> yast2-http-server-4.1.3.tar.bz2 ++++++
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' 
'--exclude=.svnignore' 
old/yast2-http-server-4.1.1/package/yast2-http-server.changes 
new/yast2-http-server-4.1.3/package/yast2-http-server.changes
--- old/yast2-http-server-4.1.1/package/yast2-http-server.changes       
2018-08-15 08:57:46.000000000 +0200
+++ new/yast2-http-server-4.1.3/package/yast2-http-server.changes       
2018-12-11 17:06:11.000000000 +0100
@@ -1,4 +1,27 @@
 -------------------------------------------------------------------
+Tue Dec 11 13:04:16 UTC 2018 - [email protected]
+
+- always use absolute path to binaries (bsc#1118291)
+- properly escape shell arguments (bsc#1118291)
+- 4.1.3
+
+-------------------------------------------------------------------
+Sat Nov 24 22:02:56 UTC 2018 - Stasiek Michalski <[email protected]>
+
+- Provide icon with module (boo#1109310)
+- 4.1.2
+
+-------------------------------------------------------------------
+Tue Oct 16 16:15:53 CEST 2018 - [email protected]
+
+- Added license file to spec.
+
+-------------------------------------------------------------------
+Mon Aug 20 13:55:03 CEST 2018 - [email protected]
+
+- Switched license in spec file from SPDX2 to SPDX3 format.
+
+-------------------------------------------------------------------
 Tue Aug 14 11:04:38 UTC 2018 - [email protected]
 
 - Fixed PHP support (use PHP7 instead of dropped PHP5)
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' 
'--exclude=.svnignore' 
old/yast2-http-server-4.1.1/package/yast2-http-server.spec 
new/yast2-http-server-4.1.3/package/yast2-http-server.spec
--- old/yast2-http-server-4.1.1/package/yast2-http-server.spec  2018-08-15 
08:57:46.000000000 +0200
+++ new/yast2-http-server-4.1.3/package/yast2-http-server.spec  2018-12-11 
17:06:11.000000000 +0100
@@ -17,14 +17,14 @@
 
 
 Name:           yast2-http-server
-Version:        4.1.1
+Version:        4.1.3
 Release:        0
 
 BuildRoot:      %{_tmppath}/%{name}-%{version}-build
 Source0:        %{name}-%{version}.tar.bz2
 
 Group:          System/YaST
-License:        GPL-2.0
+License:        GPL-2.0-only
 BuildRequires: yast2-network docbook-xsl-stylesheets doxygen libxslt 
perl-XML-Writer popt-devel sgml-skel update-desktop-files 
yast2-packagemanager-devel yast2-perl-bindings yast2-testsuite libzio
 BuildRequires:  yast2-devtools >= 3.1.10
 # Yast2::ServiceWidget
@@ -65,3 +65,5 @@
 %{yast_scrconfdir}/*
 %{yast_agentdir}/*
 %doc %{yast_docdir}
+%{yast_icondir}
+%license COPYING
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' 
'--exclude=.svnignore' old/yast2-http-server-4.1.1/src/Makefile.am 
new/yast2-http-server-4.1.3/src/Makefile.am
--- old/yast2-http-server-4.1.1/src/Makefile.am 2018-08-15 08:57:46.000000000 
+0200
+++ new/yast2-http-server-4.1.3/src/Makefile.am 2018-12-11 17:06:11.000000000 
+0100
@@ -40,6 +40,13 @@
 desktop_DATA = \
   desktop/http-server.desktop
 
-EXTRA_DIST = $(module_DATA) $(module1_DATA) $(module2_DATA) $(client_DATA) 
$(ynclude_DATA) $(scrconf_DATA) $(agent_SCRIPTS) $(schemafiles_DATA) 
$(desktop_DATA)
+symbolicdir = @icondir@/hicolor/symbolic/apps
+symbolic_DATA = \
+  icons/hicolor/symbolic/apps/yast-http-server-symbolic.svg
+scalabledir = @icondir@/hicolor/scalable/apps
+scalable_DATA = \
+  icons/hicolor/scalable/apps/yast-http-server.svg
 
-include $(top_srcdir)/Makefile.am.common
\ No newline at end of file
+EXTRA_DIST = $(module_DATA) $(module1_DATA) $(module2_DATA) $(client_DATA) 
$(ynclude_DATA) $(scrconf_DATA) $(agent_SCRIPTS) $(schemafiles_DATA) 
$(desktop_DATA) $(symbolic_DATA) $(scalable_DATA)
+
+include $(top_srcdir)/Makefile.am.common
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' 
'--exclude=.svnignore' 
old/yast2-http-server-4.1.1/src/icons/hicolor/scalable/apps/yast-http-server.svg
 
new/yast2-http-server-4.1.3/src/icons/hicolor/scalable/apps/yast-http-server.svg
--- 
old/yast2-http-server-4.1.1/src/icons/hicolor/scalable/apps/yast-http-server.svg
    1970-01-01 01:00:00.000000000 +0100
+++ 
new/yast2-http-server-4.1.3/src/icons/hicolor/scalable/apps/yast-http-server.svg
    2018-12-11 17:06:11.000000000 +0100
@@ -0,0 +1,101 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<svg width="128" height="128" version="1.1" viewBox="0 0 128 128.00001" 
xmlns="http://www.w3.org/2000/svg";>
+<defs>
+<linearGradient id="a" x1="2" x2="30" y1="27" y2="27" 
gradientTransform="matrix(4,0,0,4,0,-4)" gradientUnits="userSpaceOnUse">
+<stop stop-color="#5e5c64" offset="0"/>
+<stop stop-color="#9a9996" offset=".035714"/>
+<stop stop-color="#5e5c64" offset=".071429"/>
+<stop stop-color="#5e5c64" offset=".92857"/>
+<stop stop-color="#9a9996" offset=".96429"/>
+<stop stop-color="#5e5c64" offset="1"/>
+</linearGradient>
+</defs>
+<rect x="8" y="24" width="112" height="24" ry="4" fill="#5e5c64"/>
+<rect x="8" y="48" width="112" height="24" ry="4" fill="#5e5c64"/>
+<rect x="8" y="72" width="112" height="24" ry="4.2348" fill="#5e5c64"/>
+<rect x="8" y="92" width="112" height="20" ry="4" fill="url(#a)"/>
+<rect x="8" y="12" width="112" height="20" ry="4" fill="#9a9996"/>
+<rect x="8" y="36" width="112" height="20" ry="4" fill="#9a9996"/>
+<rect x="8" y="60" width="112" height="20" ry="4" fill="#9a9996"/>
+<rect x="8" y="84" width="112" height="20" ry="4" fill="#9a9996"/>
+<rect x="56" y="16" width="60" height="12" ry="0" fill="#3d3846"/>
+<rect x="56" y="20" width="60" height="8" ry="0" fill="#5e5c64"/>
+<rect x="56" y="40" width="60" height="12" ry="0" fill="#3d3846"/>
+<rect x="56" y="44" width="60" height="8" ry="0" fill="#5e5c64"/>
+<rect x="56" y="64" width="60" height="12" ry="0" fill="#3d3846"/>
+<rect x="56" y="68" width="60" height="8" ry="0" fill="#5e5c64"/>
+<rect x="56" y="88" width="60" height="12" ry="0" fill="#3d3846"/>
+<rect x="56" y="92" width="60" height="8" ry="0" fill="#5e5c64"/>
+<rect x="16" y="16" width="4" height="8" ry="2" fill="#5e5c64"/>
+<rect x="16" y="20" width="4" height="4" ry="2" fill="#f6d32d"/>
+<rect x="24" y="16" width="4" height="8" ry="2" fill="#5e5c64"/>
+<rect x="24" y="20" width="4" height="4" ry="2" fill="#33d17a"/>
+<rect x="16" y="40" width="4" height="8" ry="2" fill="#5e5c64"/>
+<rect x="16" y="44" width="4" height="4" ry="2" fill="#33d17a"/>
+<rect x="24" y="40" width="4" height="8" ry="2" fill="#5e5c64"/>
+<rect x="24" y="44" width="4" height="4" ry="2" fill="#e01b24"/>
+<rect x="16" y="64" width="4" height="8" ry="2" fill="#5e5c64"/>
+<rect x="16" y="68" width="4" height="4" ry="2" fill="#e01b24"/>
+<rect x="24" y="64" width="4" height="8" ry="2" fill="#5e5c64"/>
+<rect x="24" y="68" width="4" height="4" ry="2" fill="#f6d32d"/>
+<rect x="16" y="88" width="4" height="8" ry="2" fill="#5e5c64"/>
+<rect x="16" y="92" width="4" height="4" ry="2" fill="#f6d32d"/>
+<rect x="24" y="88" width="4" height="8" ry="2" fill="#5e5c64"/>
+<rect x="24" y="92" width="4" height="4" ry="2" fill="#33d17a"/>
+<rect x="60" y="44" width="4" height="8" fill="#3d3846"/>
+<rect x="60" y="40" width="4" height="4" fill="#241f31"/>
+<rect x="68" y="44" width="4" height="8" fill="#3d3846"/>
+<rect x="68" y="40" width="4" height="4" fill="#241f31"/>
+<rect x="76" y="44" width="4" height="8" fill="#3d3846"/>
+<rect x="76" y="40" width="4" height="4" fill="#241f31"/>
+<rect x="84" y="44" width="4" height="8" fill="#3d3846"/>
+<rect x="84" y="40" width="4" height="4" fill="#241f31"/>
+<rect x="92" y="44" width="4" height="8" fill="#3d3846"/>
+<rect x="92" y="40" width="4" height="4" fill="#241f31"/>
+<rect x="100" y="44" width="4" height="8" fill="#3d3846"/>
+<rect x="100" y="40" width="4" height="4" fill="#241f31"/>
+<rect x="108" y="44" width="4" height="8" fill="#3d3846"/>
+<rect x="108" y="40" width="4" height="4" fill="#241f31"/>
+<rect x="60" y="20" width="4" height="8" fill="#3d3846"/>
+<rect x="60" y="16" width="4" height="4" fill="#241f31"/>
+<rect x="68" y="20" width="4" height="8" fill="#3d3846"/>
+<rect x="68" y="16" width="4" height="4" fill="#241f31"/>
+<rect x="76" y="20" width="4" height="8" fill="#3d3846"/>
+<rect x="76" y="16" width="4" height="4" fill="#241f31"/>
+<rect x="84" y="20" width="4" height="8" fill="#3d3846"/>
+<rect x="84" y="16" width="4" height="4" fill="#241f31"/>
+<rect x="92" y="20" width="4" height="8" fill="#3d3846"/>
+<rect x="92" y="16" width="4" height="4" fill="#241f31"/>
+<rect x="100" y="20" width="4" height="8" fill="#3d3846"/>
+<rect x="100" y="16" width="4" height="4" fill="#241f31"/>
+<rect x="108" y="20" width="4" height="8" fill="#3d3846"/>
+<rect x="108" y="16" width="4" height="4" fill="#241f31"/>
+<rect x="60" y="68" width="4" height="8" fill="#3d3846"/>
+<rect x="60" y="64" width="4" height="4" fill="#241f31"/>
+<rect x="68" y="68" width="4" height="8" fill="#3d3846"/>
+<rect x="68" y="64" width="4" height="4" fill="#241f31"/>
+<rect x="76" y="68" width="4" height="8" fill="#3d3846"/>
+<rect x="76" y="64" width="4" height="4" fill="#241f31"/>
+<rect x="84" y="68" width="4" height="8" fill="#3d3846"/>
+<rect x="84" y="64" width="4" height="4" fill="#241f31"/>
+<rect x="92" y="68" width="4" height="8" fill="#3d3846"/>
+<rect x="92" y="64" width="4" height="4" fill="#241f31"/>
+<rect x="100" y="68" width="4" height="8" fill="#3d3846"/>
+<rect x="100" y="64" width="4" height="4" fill="#241f31"/>
+<rect x="108" y="68" width="4" height="8" fill="#3d3846"/>
+<rect x="108" y="64" width="4" height="4" fill="#241f31"/>
+<rect x="60" y="92" width="4" height="8" fill="#3d3846"/>
+<rect x="60" y="88" width="4" height="4" fill="#241f31"/>
+<rect x="68" y="92" width="4" height="8" fill="#3d3846"/>
+<rect x="68" y="88" width="4" height="4" fill="#241f31"/>
+<rect x="76" y="92" width="4" height="8" fill="#3d3846"/>
+<rect x="76" y="88" width="4" height="4" fill="#241f31"/>
+<rect x="84" y="92" width="4" height="8" fill="#3d3846"/>
+<rect x="84" y="88" width="4" height="4" fill="#241f31"/>
+<rect x="92" y="92" width="4" height="8" fill="#3d3846"/>
+<rect x="92" y="88" width="4" height="4" fill="#241f31"/>
+<rect x="100" y="92" width="4" height="8" fill="#3d3846"/>
+<rect x="100" y="88" width="4" height="4" fill="#241f31"/>
+<rect x="108" y="92" width="4" height="8" fill="#3d3846"/>
+<rect x="108" y="88" width="4" height="4" fill="#241f31"/>
+</svg>
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' 
'--exclude=.svnignore' 
old/yast2-http-server-4.1.1/src/icons/hicolor/symbolic/apps/yast-http-server-symbolic.svg
 
new/yast2-http-server-4.1.3/src/icons/hicolor/symbolic/apps/yast-http-server-symbolic.svg
--- 
old/yast2-http-server-4.1.1/src/icons/hicolor/symbolic/apps/yast-http-server-symbolic.svg
   1970-01-01 01:00:00.000000000 +0100
+++ 
new/yast2-http-server-4.1.3/src/icons/hicolor/symbolic/apps/yast-http-server-symbolic.svg
   2018-12-11 17:06:11.000000000 +0100
@@ -0,0 +1,3 @@
+<svg xmlns="http://www.w3.org/2000/svg"; width="16" height="16">
+  <path d="M 2 0 C 0.892 0 0 0.892 0 2 L 0 14 C 0 15.108 0.892 16 2 16 L 10 16 
L 10 14 L 2 14 L 2 11 L 10 11 L 10 10 L 2 10 L 2 8 L 14 8 L 14 10 L 16 10 L 16 
2 C 16 0.892 15.108 0 14 0 L 2 0 z M 2 2 L 14 2 L 14 4 L 2 4 L 2 2 z M 2 5 L 14 
5 L 14 7 L 2 7 L 2 5 z M 11 11 L 11 16 L 16 16 L 16 11 L 11 11 z M 3.5 12 C 
3.223 12 3 12.223 3 12.5 C 3 12.777 3.223 13 3.5 13 C 3.777 13 4 12.777 4 12.5 
C 4 12.223 3.777 12 3.5 12 z M 5.5 12 C 5.223 12 5 12.223 5 12.5 C 5 12.777 
5.223 13 5.5 13 C 5.777 13 6 12.777 6 12.5 C 6 12.223 5.777 12 5.5 12 z M 7.5 
12 C 7.223 12 7 12.223 7 12.5 C 7 12.777 7.223 13 7.5 13 L 9.5 13 C 9.777 13 10 
12.777 10 12.5 C 10 12.223 9.777 12 9.5 12 L 7.5 12 z M 12 12 L 13 12 L 13 13 L 
14 13 L 14 12 L 15 12 L 15 14 L 14 14 L 14 15 L 13 15 L 13 14 L 12 14 L 12 12 z 
" fill="#c0bfbc" />
+</svg>
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' 
'--exclude=.svnignore' 
old/yast2-http-server-4.1.1/src/include/http-server/wizard-dialog.rb 
new/yast2-http-server-4.1.3/src/include/http-server/wizard-dialog.rb
--- old/yast2-http-server-4.1.1/src/include/http-server/wizard-dialog.rb        
2018-08-15 08:57:46.000000000 +0200
+++ new/yast2-http-server-4.1.3/src/include/http-server/wizard-dialog.rb        
2018-12-11 17:06:11.000000000 +0100
@@ -221,9 +221,7 @@
         )
       )
 
-      hostname = Convert.to_map(
-        SCR.Execute(path(".target.bash_output"), "/bin/hostname")
-      )
+      hostname = SCR.Execute(path(".target.bash_output"), "/usr/bin/hostname")
       Builtins.y2milestone(
         "Hostname : %1",
         Ops.get_string(hostname, "stdout", "")
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' 
'--exclude=.svnignore' old/yast2-http-server-4.1.1/src/modules/HttpServer.rb 
new/yast2-http-server-4.1.3/src/modules/HttpServer.rb
--- old/yast2-http-server-4.1.1/src/modules/HttpServer.rb       2018-08-15 
08:57:46.000000000 +0200
+++ new/yast2-http-server-4.1.3/src/modules/HttpServer.rb       2018-12-11 
17:06:11.000000000 +0100
@@ -12,6 +12,8 @@
 require "yast"
 require "yast2/system_service"
 require "y2firewall/firewalld"
+require "shellwords"
+require "fileutils"
 
 module Yast
   class HttpServerClass < Module
@@ -123,7 +125,7 @@
       if w_mode == true
         SCR.Execute(
           path(".target.bash"),
-          Builtins.sformat("rm %1%2", Directory.vardir, "/http_server")
+          "/usr/bin/rm #{File.join(Directory.vardir, 
"/http_server").shellescape}"
         )
         Builtins.y2milestone("Set wizard mode on")
       else
@@ -245,7 +247,7 @@
       if SCR.Read(path(".target.lstat"), "/etc/sysconfig/apache2") == {}
         if SCR.Execute(
             path(".target.bash"),
-            "cp /var/adm/fillup-templates/sysconfig.apache2 
/etc/sysconfig/apache2"
+            "/usr/bin/cp /var/adm/fillup-templates/sysconfig.apache2 
/etc/sysconfig/apache2"
           ) != 0
           # translators:: error message
           Report.Error(Message.CannotWriteSettingsTo("/etc/sysconfig/apache2"))
@@ -360,34 +362,24 @@
       end
       # add DHCP ones, if we can find out the current IP
       devs = NetworkInterfaces.Locate("BOOTPROTO", "dhcp")
-      Builtins.foreach(devs) do |dev|
-        output = Convert.to_map(
-          SCR.Execute(
-            path(".target.bash_output"),
-            Ops.add("/sbin/ifconfig ", dev),
-            { "LC_MESSAGES" => "C" }
-          )
+      devs.each do |dev|
+        output = SCR.Execute(
+          path(".target.bash_output"),
+          "/usr/sbin/ip addr show #{dev.shellescape}",
+          { "LC_MESSAGES" => "C" }
         )
         if Ops.get_integer(output, "exit", -1) == 0
           # lookup the correct line first
-          line = Builtins.splitstring(
-            Ops.get_string(output, "stdout", ""),
-            "\n"
-          )
-          addr = nil
-          Builtins.foreach(line) do |ln|
-            if Builtins.regexpmatch(ln, "^[ \t]*inet addr:")
-              addr = Builtins.regexpsub(
-                ln,
-                "^[ \t]*inet addr:([0-9\\.]+)[ \t]*",
-                "\\1"
-              )
-              Builtins.y2milestone("Found addr: %1", addr)
-              raise Break
-            end
-          end
-
-          Ops.set(@ip2device, addr, dev) if addr != nil && addr != ""
+          lines = Ops.get_string(output, "stdout", "").lines
+          lines.grep(/^\s*inet [0-9.]/)
+          line = lines.first
+          next unless line
+
+          # line looks like
+          #    inet 192.168.0.107/24 brd 192.168.0.255 scope global 
noprefixroute dynamic eth0
+          addr = line[/^\s*inet\s*([0-9.]+)/, 1]
+          Builtins.y2milestone("Found addr: %1", addr)
+          Ops.set(@ip2device, addr, dev)
         end
       end
 
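Review bot: The result of `lines.grep(/^\s*inet [0-9.]/)` is discarded, so `line = lines.first` always takes the first line of the `ip addr show` output instead of the `inet` line. That first line is normally the interface header, so `addr` would be nil and `Ops.set(@ip2device, addr, dev)` would store a nil key, now that the old `addr != nil && addr != ""` guard is gone. I would write `line = lines.grep(/^\s*inet [0-9.]/).first` and add `next unless addr` before the `Ops.set`. The extraction should also require whitespace, `addr = line[/^\s*inet\s+([0-9.]+)/, 1]`, because `inet\s*` can match an `inet6` line and capture `6`. The enclosing method starts and ends outside the hunk.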
@@ -487,10 +479,6 @@
         Report.Error(Message.CannotAdjustService(service.name))
       end
 
-      # configuration test
-      #        map<string, any> test = (map<string, 
any>)SCR::Execute(.target.bash_output, "apache2ctl conftest");
-      #y2internal("test %1", test);
-
       (@files_to_check + dynamic_files_to_check()).each do |file|
         FileChanges.StoreFileCheckSum(file)
       end
@@ -861,10 +849,10 @@
       return if @vhost_files_to_backup.empty?
 
       backup_dir = File.join(APACHE_VHOSTS_DIR, "YaSTsave")
-      SCR.Execute(path(".target.bash"), "mkdir #{backup_dir}")
+      ::FileUtils.mkdir_p(backup_dir)
 
       @vhost_files_to_backup.each do |file|
-        SCR.Execute(path(".target.bash"), "cp -a #{file} #{backup_dir}")
+        SCR.Execute(path(".target.bash"), "/usr/bin/cp -a #{file.shellescape} 
#{backup_dir.shellescape}")
       end
     end
   end
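Review bot: `::FileUtils.mkdir_p(backup_dir)` raises a `SystemCallError` when the directory cannot be created, where the previous `SCR.Execute` call only returned a non-zero status, and nothing in the visible lines rescues it. It also touches the local filesystem directly instead of going through SCR, which may matter if SCR is ever pointed at a different target root; that cannot be confirmed from this hunk. The `cp -a` exit status is still ignored, so a failed backup passes silently; a check such as `Builtins.y2error("Backup of %1 failed", file) if SCR.Execute(...) != 0` would make it visible. Putting `--` before `#{file.shellescape}` would keep a file name that starts with `-` from being read as an option. The method begins outside the hunk.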
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' 
'--exclude=.svnignore' 
old/yast2-http-server-4.1.1/src/modules/HttpServerWidgets.rb 
new/yast2-http-server-4.1.3/src/modules/HttpServerWidgets.rb
--- old/yast2-http-server-4.1.1/src/modules/HttpServerWidgets.rb        
2018-08-15 08:57:46.000000000 +0200
+++ new/yast2-http-server-4.1.3/src/modules/HttpServerWidgets.rb        
2018-12-11 17:06:11.000000000 +0100
@@ -11,6 +11,8 @@
 require "yast"
 require "cwm/service_widget"
 
+require "shellwords"
+
 module Yast
   class HttpServerWidgetsClass < Module
 
@@ -997,7 +999,7 @@
 
     # Reload server
     def ReloadServer
-      SCR.Execute(path(".target.bash"), "rcapache2 reload")
+      SCR.Execute(path(".target.bash"), "/usr/sbin/rcapache2 reload")
 
       nil
     end
@@ -1990,7 +1992,7 @@
             if cert_file != nil &&
                 SCR.Execute(
                   path(".target.bash"),
-                  Builtins.sformat("openssl x509 -in %1", cert_file)
+                  Builtins.sformat("/usr/bin/openssl x509 -in %1", 
cert_file.shellescape)
                 ) == 0
               UI.ChangeWidget(:certfile, :Value, cert_file)
             else
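Review bot: Both validation calls run `openssl` without `-noout`, so the command writes the parsed object to stdout: the certificate here, and in the next hunk `openssl rsa -in` writes the private key itself. Where `.target.bash` sends stdout is not visible in this diff, so it is worth making sure key material cannot end up in a log; `"/usr/bin/openssl x509 -noout -in %1"` and `"/usr/bin/openssl rsa -noout -in %1"` validate the file just as well. The `shellescape` on `cert_file` and `key_file` correctly closes the injection path from the file-selection dialog. `openssl rsa` may also prompt for a passphrase on an encrypted key, which these lines do not appear to handle.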
@@ -2004,11 +2006,10 @@
               "*.key *.pem",
               _("Choose Certificate Key File")
             )
-            #   boolean keyfile = (SCR::Execute(.target.bash, sformat("openssl 
rsa -in %1", cert_file))==0)?true:false;
             if key_file != nil &&
                 SCR.Execute(
                   path(".target.bash"),
-                  Builtins.sformat("openssl rsa -in %1", key_file)
+                  Builtins.sformat("/usr/bin/openssl rsa -in %1", 
key_file.shellescape)
                 ) == 0
               UI.ChangeWidget(:keyfile, :Value, key_file)
             else
@@ -3149,16 +3150,12 @@
         # list of all installed modules
         all_modules = Builtins.splitstring(
           Ops.get_string(
-            Convert.convert(
-              SCR.Execute(
-                path(".target.bash_output"),
-                Builtins.sformat(
-                  "ls %1|grep \".so$\"|cut -d. -f1|cut -d_ -f2-",
-                  module_dirs
-                )
-              ),
-              :from => "any",
-              :to   => "map <string, any>"
+            SCR.Execute(
+              path(".target.bash_output"),
+              Builtins.sformat(
+                "ls %1|grep \".so$\"|cut -d. -f1|cut -d_ -f2-",
+                module_dirs # do not shellescape as it is multiple files, see 
above. No shell injection possible.
+              )
             ),
             "stdout",
             ""
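Review bot: The pipeline still calls `ls`, `grep` and `cut` by bare name, which the changelog entry for this release says should no longer happen; `"/usr/bin/ls %1|/usr/bin/grep \".so$\"|/usr/bin/cut -d. -f1|/usr/bin/cut -d_ -f2-"` would match the other hunks. The new comment asserts that `module_dirs` cannot carry shell metacharacters, but its construction is outside this hunk, so the claim cannot be checked here. The comment should say where the value comes from and why it is trusted. The Perl context line in YaPI/HTTPD.pm further down likewise keeps a bare `a2enmod -l`.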
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' 
'--exclude=.svnignore' old/yast2-http-server-4.1.1/src/modules/YaPI/HTTPD.pm 
new/yast2-http-server-4.1.3/src/modules/YaPI/HTTPD.pm
--- old/yast2-http-server-4.1.1/src/modules/YaPI/HTTPD.pm       2018-08-15 
08:57:46.000000000 +0200
+++ new/yast2-http-server-4.1.3/src/modules/YaPI/HTTPD.pm       2018-12-11 
17:06:11.000000000 +0100
@@ -904,7 +904,6 @@
 BEGIN { $TYPEINFO{GetModuleList} = ["function", [ "list", "string" ] ]; }
 sub GetModuleList {
     my $self = shift;
-#    my $data = SCR->Read('.sysconfig.apache2.APACHE_MODULES'); # FIXME: Error 
handling
     my $data = SCR->Execute('.target.bash_output', 'a2enmod -l')->{'stdout'}; 
# FIXME: Error handling
 
     $data =~ s/mod_//g;

