Mercurial > p > roundup > code
view scripts/roundup.rc-debian @ 8365:4ac0bbb3e440
bug(security): CVE-2025-53865 - XSS bug
Extensive fixes in devel, responsive templates known to be
exploitable.
Similar constructs in classic and minimal templates not known
to be exploitable, but changed anyway.
doc/upgrading.txt:
Reformat to 66 characters.
Update with assigned CVE number.
Add section on fixing tal:replace with unsafe data.
Document analysis and assumptions in comment in file.
doc/security.txt:
Update with CVE number.
| author | John Rouillard <rouilj@ieee.org> |
|---|---|
| date | Fri, 11 Jul 2025 19:30:27 -0400 |
| parents | 6e3e4f24c753 |
| children |
line wrap: on
line source
#!/bin/sh -e # # roundup Startup script for the roundup http server. DESC='Roundup HTTP-Server' BINFILE=roundup-server EXECUTABLE=/usr/local/bin/$BINFILE PIDFILE=/var/run/roundup/server.pid LOGFILE=/var/log/roundup/roundup.log TRACKERS=tttech=/tttech/org/software/roundup/tttech/ OPTIONS="-- -p 8080 -u roundup -d $PIDFILE -l $LOGFILE $TRACKERS" test -x $EXECUTABLE || exit 0 start_stop() { case "$1" in start) printf "Starting $DESC:" start-stop-daemon --start --oknodo --quiet \ --pidfile $PIDFILE \ --exec $EXECUTABLE $OPTIONS printf " $BINFILE" printf ".\n" ;; stop) printf "Stopping $DESC:" start-stop-daemon --stop --oknodo --quiet \ --pidfile $PIDFILE \ --exec $EXECUTABLE $OPTIONS printf " $BINFILE" printf ".\n" ;; restart | force-reload) start_stop stop sleep 1 start_stop start ;; *) printf "Usage: $0 {start|stop|restart|force-reload}\n" >&2 exit 1 ;; esac } start_stop "$@" exit 0