Site Navigation:
security viewvc-1.1.17-1.el5 security update
Status:stable
Release: Fedora EPEL 5
Update ID: FEDORA-EPEL-2012-13249
Builds: viewvc-1.1.17-1.el5 (logs)
Pushed: True
Date Submitted: 2012-10-22 01:28:50
Date Released: 2012-10-22 20:38:35
Date Modified: 2012-10-25 20:51:25
Submitter: bojan
Karma: 0
Details

Patch CVE-2012-4533.

Version 1.1.16

  • security fix: escape "extra" diff info to avoid XSS attack (issue #515)
  • add 'binary_mime_types' configuration option and handling (issue #510)
  • fix 'select for diffs' persistence across log pages (issue #512)
  • remove lock status and filesize check on directories in remote SVN views
  • fix bogus 'Annotation of' page title for non-annotated view (issue #514)

Version 1.1.17 (released 25-Oct-2012)

  • fix exception caused by uninitialized variable usage (issue #516)
Bugs Fixed
868606 - CVE-2012-4533: viewvc: lib/viewvc.py XSS
868609 - CVE-2012-4533: viewvc 1.1.5 lib/viewvc.py XSS [epel-all]
Feedback
bodhi - 2012-10-22 01:29:02
This update has been submitted for testing by bojan.
bodhi - 2012-10-22 19:49:51
This update is currently being pushed to the Fedora EPEL 5 testing updates repository.
bodhi - 2012-10-22 20:54:11
This update has been pushed to testing
bodhi - 2012-10-24 23:15:05
bojan has edited this update. New build(s): viewvc-1.1.16-1.el5. Removed build(s): viewvc-1.1.15-3.el5.
bodhi - 2012-10-24 23:15:31
This update has been submitted for testing by bojan.
bodhi - 2012-10-25 20:51:19
bojan has edited this update. New build(s): viewvc-1.1.17-1.el5. Removed build(s): viewvc-1.1.16-1.el5.
bodhi - 2012-10-26 17:12:21
This update is currently being pushed to the Fedora EPEL 5 testing updates repository.
bodhi - 2012-10-26 18:33:53
This update has been pushed to testing
bodhi - 2012-11-09 22:04:07
This update has reached 14 days in testing and can be pushed to stable now if the maintainer wishes
bodhi - 2012-11-09 22:40:32
This update has been submitted for stable by bojan.
bodhi - 2012-11-10 17:34:53
This update is currently being pushed to the Fedora EPEL 5 stable updates repository.
bodhi - 2012-11-10 19:02:58
This update has been pushed to stable

Add a comment

Tip: Login to impact how quickly this update gets pushed or unpushed.
obfuscated letters