529712 – www-apps/coppermine: XSS vulnerability

Bug 529712 - www-apps/coppermine: XSS vulnerability

Summary: www-apps/coppermine: XSS vulnerability

Status:	RESOLVED FIXED

Alias:	None

Product:	Gentoo Security
Classification:	Unclassified
Component:	Vulnerabilities (show other bugs)
Hardware:	All Linux

Importance:	Normal trivial (vote)
Assignee:	Gentoo Security

URL:	http://forum.coppermine-gallery.net/i...
Whiteboard:	~4 [noglsa]
Keywords:

Depends on:
Blocks:

Reported:	2014-11-18 19:24 UTC by jannis
Modified:	2016-04-26 08:31 UTC (History)
CC List:	3 users (show)

See Also:
Package list:
Runtime testing required:	---

Attachments
Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.

Description jannis 2014-11-18 19:24:25 UTC

Please bump www-apps/coppermine to the latest version. Older versions contain security vulnerabilities. The SRC_URI has to be changed though:
SRC_URI="mirror://sourceforge/coppermine/Coppermine/1.5.x/cpg${PV}.zip"

Reproducible: Always

Comment 1 Aaron Bauman (RETIRED) gentoo-dev

2016-02-26 14:04:17 UTC

old bug.  still no bump from maintainer.  candidate for tree cleaning.

Comment 2 Aaron Bauman (RETIRED) gentoo-dev

2016-03-19 06:51:35 UTC

# Aaron Bauman <bman@gentoo.org> (19 Mar 2016)
# Unpatched security vulnerability per bug #529712.
# Masked for removal in 30 days.
www-apps/coppermine

Comment 3 Aaron Bauman (RETIRED) gentoo-dev

2016-04-26 08:31:13 UTC

package tree cleaned.