715966 – (CVE-2020-5283) www-apps/viewvc: Multiple vulnerabilities (CVE-2020-5283)

Bug 715966 (CVE-2020-5283) - www-apps/viewvc: Multiple vulnerabilities (CVE-2020-5283)

Summary: www-apps/viewvc: Multiple vulnerabilities (CVE-2020-5283)

Status:	RESOLVED FIXED

Alias:	CVE-2020-5283

Product:	Gentoo Security
Classification:	Unclassified
Component:	Vulnerabilities (show other bugs)
Hardware:	All Linux

Importance:	Normal minor
Assignee:	Gentoo Security

URL:
Whiteboard:	B4 [noglsa cve]
Keywords:

Depends on:	708978
Blocks:
	Show dependency tree

Reported:	2020-04-03 01:58 UTC by Sam James
Modified:	2020-07-28 19:01 UTC (History)
CC List:	2 users (show)

See Also:
Package list:
Runtime testing required:	---

Attachments
Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.

Description Sam James archtester

2020-04-03 01:58:30 UTC

1) CVE-2020-5283

Description:
"ViewVC before versions 1.1.28 and 1.2.1 has a XSS vulnerability in CVS show_subdir_lastmod support. The impact of this vulnerability is mitigated by the need for an attacker to have commit privileges to a CVS repository exposed by an otherwise trusted ViewVC instance that also has the `show_subdir_lastmod` feature enabled. The attack vector involves files with unsafe names (names that, when embedded into an HTML stream, would cause the browser to run unwanted code), which themselves can be challenging to create. This vulnerability is patched in versions 1.2.1 and 1.1.28."

Advisory: https://github.com/viewvc/viewvc/security/advisories/GHSA-xpxf-fvqv-7mfg
Bug: https://github.com/viewvc/viewvc/issues/211
Patch: https://github.com/viewvc/viewvc/commit/ad0f966e9a997b17d853a6972ea283d4dcd70fa8

2) (no CVE)

Path disclosure via stack traces, fixed in 1.1.27, 1.2.0.

Bug: https://github.com/viewvc/viewvc/issues/140

Comment 1 Sam James archtester

2020-04-03 01:59:07 UTC

@maintainer(s), please create an appropriate ebuild.

Comment 2 Sam James archtester

2020-04-15 21:35:44 UTC

@maintainer(s): ping

Comment 3 Larry the Git Cow gentoo-dev

2020-07-28 18:47:06 UTC

The bug has been referenced in the following commit(s):

https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=3831172264494f42d621e760593f4d066900d922

commit 3831172264494f42d621e760593f4d066900d922
Author:     Aaron Bauman <bman@gentoo.org>
AuthorDate: 2020-07-28 18:45:29 +0000
Commit:     Aaron Bauman <bman@gentoo.org>
CommitDate: 2020-07-28 18:45:29 +0000

    */*: Drop more Py2 last-rited pkgs
    
    Bug: https://bugs.gentoo.org/715966
    Closes: https://bugs.gentoo.org/714628
    Closes: https://bugs.gentoo.org/606680
    Closes: https://bugs.gentoo.org/686238
    Closes: https://bugs.gentoo.org/710214
    Closes: https://bugs.gentoo.org/710028
    Closes: https://bugs.gentoo.org/710032
    Closes: https://bugs.gentoo.org/656934
    Closes: https://bugs.gentoo.org/592718
    Closes: https://bugs.gentoo.org/446122
    Closes: https://bugs.gentoo.org/547210
    Closes: https://bugs.gentoo.org/359785
    Closes: https://bugs.gentoo.org/571396
    Closes: https://bugs.gentoo.org/600754
    Closes: https://bugs.gentoo.org/677830
    Closes: https://bugs.gentoo.org/710716
    Closes: https://bugs.gentoo.org/651940
    Closes: https://bugs.gentoo.org/695132
    Closes: https://bugs.gentoo.org/708978
    Closes: https://bugs.gentoo.org/710058
    
    Signed-off-by: Aaron Bauman <bman@gentoo.org>

 app-backup/holland-backup-example/Manifest         |   1 -
 .../holland-backup-example-1.0.10.ebuild           |  39 -----
 app-backup/holland-backup-example/metadata.xml     |   5 -
 app-backup/holland-backup-pgdump/Manifest          |   1 -
 .../holland-backup-pgdump-1.0.10.ebuild            |  38 -----
 app-backup/holland-backup-pgdump/metadata.xml      |   5 -
 app-backup/holland-backup-random/Manifest          |   1 -
 .../holland-backup-random-1.0.10.ebuild            |  39 -----
 app-backup/holland-backup-random/metadata.xml      |   5 -
 app-backup/holland-backup-sqlite/Manifest          |   1 -
 .../holland-backup-sqlite-1.0.10.ebuild            |  39 -----
 app-backup/holland-backup-sqlite/metadata.xml      |   5 -
 app-backup/holland-lib-common/Manifest             |   1 -
 .../holland-lib-common-1.0.10.ebuild               |  25 ----
 app-backup/holland-lib-common/metadata.xml         |   5 -
 app-backup/holland-lib-lvm/Manifest                |   1 -
 .../holland-lib-lvm/holland-lib-lvm-1.0.10.ebuild  |  25 ----
 app-backup/holland-lib-lvm/metadata.xml            |   5 -
 app-backup/holland/Manifest                        |   1 -
 app-backup/holland/holland-1.0.10.ebuild           |  54 -------
 app-backup/holland/metadata.xml                    |   5 -
 app-cdr/burn-cd/Manifest                           |   2 -
 app-cdr/burn-cd/burn-cd-1.8.0-r1.ebuild            |  31 ----
 app-cdr/burn-cd/burn-cd-1.8.1.ebuild               |  27 ----
 app-cdr/burn-cd/metadata.xml                       |  16 ---
 app-dicts/opendict/Manifest                        |   1 -
 app-dicts/opendict/metadata.xml                    |  11 --
 app-dicts/opendict/opendict-0.6.7-r1.ebuild        |  91 ------------
 app-editors/editra/Manifest                        |   1 -
 app-editors/editra/editra-0.7.20-r2.ebuild         |  54 -------
 app-editors/editra/files/editra-0.7.20-wx30.patch  |  44 ------
 app-editors/editra/metadata.xml                    |   8 --
 app-editors/leo/Manifest                           |   1 -
 app-editors/leo/leo-5.6.ebuild                     |  36 -----
 app-editors/leo/metadata.xml                       |   9 --
 app-emulation/playonlinux/Manifest                 |   2 -
 .../files/playonlinux-4.2.4-binary-plugin.patch    |  17 ---
 .../files/playonlinux-4.2.4-pol-bash.patch         |  35 -----
 .../playonlinux-4.2.6-stop-update-warning.patch    |  17 ---
 app-emulation/playonlinux/files/playonlinux-pkg.1  |  33 -----
 app-emulation/playonlinux/files/playonlinux.1      |  33 -----
 app-emulation/playonlinux/metadata.xml             |  15 --
 .../playonlinux/playonlinux-4.2.12.ebuild          | 118 ---------------
 .../playonlinux/playonlinux-4.3.4-r1.ebuild        | 108 --------------
 app-office/taskcoach/Manifest                      |   1 -
 .../files/taskcoach-1.4.3-version-check.patch      |  25 ----
 app-office/taskcoach/metadata.xml                  |  21 ---
 app-office/taskcoach/taskcoach-1.4.6.ebuild        |  41 ------
 app-text/bibus/Manifest                            |   2 -
 app-text/bibus/bibus-1.5.2-r3.ebuild               |  86 -----------
 app-text/bibus/files/bibus-1.5.2-bibus.cfg.patch   |  31 ----
 app-text/bibus/files/bibus-1.5.2-install.patch     | 110 --------------
 app-text/bibus/files/bibus-1.5.2-wx30.patch        | 158 ---------------------
 app-text/bibus/metadata.xml                        |  11 --
 dev-db/SchemaSync/Manifest                         |   3 -
 dev-db/SchemaSync/SchemaSync-0.9.2-r1.ebuild       |  24 ----
 dev-db/SchemaSync/SchemaSync-0.9.4.ebuild          |  23 ---
 dev-db/SchemaSync/SchemaSync-0.9.5.ebuild          |  23 ---
 dev-db/SchemaSync/metadata.xml                     |  12 --
 dev-python/squaremap/Manifest                      |   1 -
 dev-python/squaremap/metadata.xml                  |  15 --
 dev-python/squaremap/squaremap-1.0.4.ebuild        |  26 ----
 dev-util/wxglade/Manifest                          |   1 -
 .../wxglade/files/wxglade-0.6.3-wxversion.patch    |  12 --
 dev-util/wxglade/metadata.xml                      |  11 --
 dev-util/wxglade/wxglade-0.8.2-r1.ebuild           |  55 -------
 media-gfx/fontypython/Manifest                     |   1 -
 .../0001-Do-not-crash-on-empty-pogs-list.patch     |  21 ---
 ...nused-code-which-causes-crash-with-wx-3.0.patch | 134 -----------------
 ...python-3.0-which-enforces-assertions-on-L.patch |  28 ----
 .../fontypython/files/fontypython-pillow.patch     |  41 ------
 media-gfx/fontypython/fontypython-0.4.4-r3.ebuild  |  38 -----
 media-gfx/fontypython/metadata.xml                 |   8 --
 media-gfx/fr0st/Manifest                           |   1 -
 media-gfx/fr0st/files/fr0st-1.4-colour.patch       |   9 --
 media-gfx/fr0st/fr0st-1.4-r2.ebuild                |  57 --------
 media-gfx/fr0st/metadata.xml                       |   8 --
 profiles/package.mask                              |  38 -----
 sci-chemistry/apbs/Manifest                        |   1 -
 sci-chemistry/apbs/apbs-1.4.1-r2.ebuild            | 129 -----------------
 sci-chemistry/apbs/files/apbs-1.4.1-manip.patch    |  50 -------
 sci-chemistry/apbs/files/apbs-1.4.1-multilib.patch |  92 ------------
 sci-chemistry/apbs/files/apbs-1.4.1-python.patch   | 122 ----------------
 sci-chemistry/apbs/metadata.xml                    |  25 ----
 sci-chemistry/eden/Manifest                        |   1 -
 sci-chemistry/eden/eden-5.3-r2.ebuild              |  88 ------------
 sci-chemistry/eden/files/5.3-makefile-fixes.patch  |  60 --------
 .../eden/files/eden-5.3-format-security.patch      |  96 -------------
 sci-chemistry/eden/files/eden-5.3-impl-dec.patch   |  28 ----
 sci-chemistry/eden/files/makefile-fixes.patch      |  25 ----
 sci-chemistry/eden/metadata.xml                    |  12 --
 sci-chemistry/p3d/Manifest                         |   1 -
 sci-chemistry/p3d/metadata.xml                     |  21 ---
 sci-chemistry/p3d/p3d-0.4.3-r1.ebuild              |  29 ----
 sci-chemistry/p3d/p3d-9999.ebuild                  |  27 ----
 sci-chemistry/pdb-tools/Manifest                   |   1 -
 sci-chemistry/pdb-tools/metadata.xml               |  12 --
 sci-chemistry/pdb-tools/pdb-tools-0.2.1-r1.ebuild  |  79 -----------
 sci-chemistry/pdb-tools/pdb-tools-0.2.1-r2.ebuild  |  83 -----------
 sci-chemistry/pdb2pqr/Manifest                     |   1 -
 sci-chemistry/pdb2pqr/files/pdb2pka                |  13 --
 sci-chemistry/pdb2pqr/files/pdb2pqr                |  13 --
 .../pdb2pqr/files/pdb2pqr-1.9.0-flags.patch        |  45 ------
 .../pdb2pqr/files/pdb2pqr-1.9.0-install-py.patch   |  15 --
 sci-chemistry/pdb2pqr/metadata.xml                 |  15 --
 sci-chemistry/pdb2pqr/pdb2pqr-1.9.0-r3.ebuild      | 114 ---------------
 sci-chemistry/prodecomp/Manifest                   |   1 -
 sci-chemistry/prodecomp/metadata.xml               |  18 ---
 sci-chemistry/prodecomp/prodecomp-3.0-r3.ebuild    |  53 -------
 sci-chemistry/pymol-plugins-caver/Manifest         |   1 -
 sci-chemistry/pymol-plugins-caver/metadata.xml     |   8 --
 .../pymol-plugins-caver-2.1.2.ebuild               |  56 --------
 sci-chemistry/pymol-plugins-dssp/Manifest          |   1 -
 sci-chemistry/pymol-plugins-dssp/metadata.xml      |   8 --
 .../pymol-plugins-dssp-110430-r1.ebuild            |  39 -----
 sci-chemistry/pymol-plugins-promol/Manifest        |   1 -
 sci-chemistry/pymol-plugins-promol/metadata.xml    |   8 --
 .../pymol-plugins-promol-3.0.2-r1.ebuild           |  60 --------
 sci-chemistry/sparky/Manifest                      |   1 -
 sci-chemistry/sparky/files/3.115-fix-c++14.patch   |  32 -----
 sci-chemistry/sparky/files/3.115-ldflags.patch     |  61 --------
 sci-chemistry/sparky/files/3.115-makefile.patch    |  17 ---
 sci-chemistry/sparky/files/3.115-paths.patch       |  13 --
 sci-chemistry/sparky/files/3.115-wrapper-r1.patch  |  41 ------
 sci-chemistry/sparky/metadata.xml                  |   8 --
 sci-chemistry/sparky/sparky-3.115-r2.ebuild        | 117 ---------------
 www-apps/viewvc/Manifest                           |   1 -
 www-apps/viewvc/metadata.xml                       |  13 --
 www-apps/viewvc/viewvc-1.1.26-r1.ebuild            | 115 ---------------
 129 files changed, 3958 deletions(-)

Comment 4 Aaron Bauman (RETIRED) gentoo-dev

2020-07-28 19:01:34 UTC

buh bye