From 3ca9de2e00393f624d992759684b730cb21d9421 Mon Sep 17 00:00:00 2001
From: bizonix <bizonix@users.noreply.github.com>
Date: Fri, 19 Aug 2016 18:58:30 +0300
Subject: [PATCH] vulnerability fix.

---
 management/daemon.py | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/management/daemon.py b/management/daemon.py
index 9bc6429b..07baf6ce 100755
--- a/management/daemon.py
+++ b/management/daemon.py
@@ -562,7 +562,7 @@ def munin_cgi(filename):
 	if filename == "":
 		return ("a path must be specified", 404)
 
-	query_str = request.query_string.decode("utf-8", 'ignore')
+	query_str = request.query_string.decode("utf-8", 'ignore').replace('"', r'\"')
 
 	env = {'PATH_INFO': '/%s/' % filename, 'QUERY_STRING': query_str}
 	cmd = COMMAND % query_str