$OpenBSD: patch-lib_BackupPC_CGI_View_pm,v 1.2 2011/10/28 21:56:57 jasper Exp $

First chunk:
Security fix for SA46615
BackupPC "num" Cross-Site Scripting Vulnerability

From http://patches.ubuntu.com/b/backuppc/backuppc_3.2.1-1ubuntu2.patch

--- lib/BackupPC/CGI/View.pm.orig	Mon Apr 25 05:31:55 2011
+++ lib/BackupPC/CGI/View.pm	Fri Oct 28 23:54:56 2011
@@ -46,7 +46,7 @@ sub action
     my $compress = 0;
     my $fh;
     my $host = $In{host};
-    my $num  = $In{num};
+    my $num  = ${EscHTML($In{num})};
     my $type = $In{type};
     my $linkHosts = 0;
     my($file, $comment);
@@ -86,7 +86,7 @@ sub action
         $file = $bpc->ConfDir() . "/hosts";
         $linkHosts = 1;
     } elsif ( $type eq "docs" ) {
-        $file = $bpc->InstallDir() . "/doc/BackupPC.html";
+        $file = $bpc->InstallDir() . "/share/doc/backuppc/BackupPC.html";
     } elsif ( $host ne "" ) {
         if ( !defined($In{num}) ) {
             # get the latest LOG file