From 8d39350677660d114502ceb48bd067c74339ece3 Mon Sep 17 00:00:00 2001
From: Benjamin Kellermann <Benjamin.Kellermann@gmx.de>
Date: Mon, 8 Jun 2009 11:17:32 +0200
Subject: Security bugfix: bzr.rb could be exploited

---
 participate.rb | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

(limited to 'participate.rb')

diff --git a/participate.rb b/participate.rb
index 744f157..2fd057e 100644
--- a/participate.rb
+++ b/participate.rb
@@ -11,7 +11,7 @@ require "datepoll"
 Dir.chdir(olddir)
 
 if $cgi.include?("revision")
-	REVISION=$cgi["revision"].to_i
+	REVISION=$cgi["revision"]
 	table = YAML::load(VCS.cat(REVISION, "data.yaml"))
 else
 	table = YAML::load_file("data.yaml")
-- 
cgit v1.2.3