Bug 305505

Summary:

<www-apps/coppermine-1.4.26 XSS

Product:

Gentoo Security

Reporter:

cilly <cilly>

Component:

Vulnerabilities

Assignee:

Gentoo Security <security>

Status:

RESOLVED FIXED

Severity:

trivial

CC:

web-apps

Priority:

High

Version:

unspecified

Hardware:

All

OS:

Linux

URL:

http://forum.coppermine-gallery.net/index.php/topic,63510.0.html

Whiteboard:

~4 [noglsa]

Package list:

Runtime testing required:

---

Attachments:

Description	Flags
coppermine-1.4.26.ebuild	none

Description cilly 2010-02-17 10:29:23 UTC

"The Coppermine development team is releasing a security update for Coppermine in order to counter a recently discovered vulnerability. It is important that all users who run version cpg1.4.25 or older update to this latest version as soon as possible."

Comment 1 cilly 2010-02-17 10:30:45 UTC

Created attachment 219973 [details]
coppermine-1.4.26.ebuild

Comment 2 cilly 2010-02-17 10:31:44 UTC

Hint: just rename ebuild to match correct version

Comment 3 Tobias Heinlein (RETIRED) gentoo-dev

2010-02-18 19:03:45 UTC

web-apps, please bump.

Comment 4 Alex Legler (RETIRED) archtester

2010-03-10 10:15:41 UTC

+*coppermine-1.4.26 (10 Mar 2010)
+
+  10 Mar 2010; Alex Legler <a3li@gentoo.org> -coppermine-1.4.24.ebuild,
+  +coppermine-1.4.26.ebuild:
+  Non-maintainer commit: Version bump for security bug 305505. Also fixing
+  docs installation
+

Issue seems to be XSS. Rerated ~4. Closing noglsa.