From c9cf025fadfe043f0f2f679e10d1207d8a158bb6 Mon Sep 17 00:00:00 2001
From: Daniel Baumann <daniel.baumann@progress-linux.org>
Date: Sun, 7 Apr 2024 17:01:31 +0200
Subject: Adding debian version 2.4.57-2.

Signed-off-by: Daniel Baumann <daniel.baumann@progress-linux.org>
---
 debian/perl-framework/t/security/CVE-2007-6388.t | 18 ++++++++++++++++++
 1 file changed, 18 insertions(+)
 create mode 100644 debian/perl-framework/t/security/CVE-2007-6388.t

(limited to 'debian/perl-framework/t/security/CVE-2007-6388.t')

diff --git a/debian/perl-framework/t/security/CVE-2007-6388.t b/debian/perl-framework/t/security/CVE-2007-6388.t
new file mode 100644
index 0000000..70ebb7d
--- /dev/null
+++ b/debian/perl-framework/t/security/CVE-2007-6388.t
@@ -0,0 +1,18 @@
+use strict;
+use warnings FATAL => 'all';
+
+use Apache::Test;
+use Apache::TestUtil;
+use Apache::TestRequest;
+
+my $vars = Apache::Test::vars();
+
+plan tests => 2, need_module 'status';
+
+my $url = '/server-status?refresh=42;fish';
+
+my $r = GET $url;
+
+ok t_cmp($r->code, 200, "response code is OK");
+
+ok t_cmp($r->header('Refresh'), 42, "refresh parameter not echoed verbatim");
-- 
cgit v1.2.3