| Summary: | <www-apps/viewvc-1.1.17: lib/viewvc.py XSS (CVE-2012-4533) | | |
|---|---|---|---|
| Product: | Gentoo Security | Reporter: | Agostino Sarubbo <ago> |
| Component: | Vulnerabilities | Assignee: | Gentoo Security <security> |
| Status: | RESOLVED FIXED | | |
| Severity: | minor | CC: | web-apps |
| Priority: | Normal | | |
| Version: | unspecified | | |
| Hardware: | All | | |
| OS: | Linux | | |
| URL: | https://bugzilla.redhat.com/show_bug.cgi?id=868606 | | |
| Whiteboard: | B4 [noglsa] | | |
| Package list: | | Runtime testing required: | --- |
| Bug Depends on: | | | |
| Bug Blocks: | 426690 | | |
Description
Agostino Sarubbo
2012-11-01 16:15:15 UTC
Fixed upstream:

Version 1.1.16 (released 24-Oct-2012)

* security fix: escape "extra" diff info to avoid XSS attack (issue #515)
* add 'binary_mime_types' configuration option and handling (issue #510)
* fix 'select for diffs' persistence across log pages (issue #512)
* remove lock status and filesize check on directories in remote SVN views
* fix bogus 'Annotation of' page title for non-annotated view (issue #514)

Bumped to viewvc-1.1.17.

(In reply to comment #2)
> Bumped to viewvc-1.1.17.

Arches, please test it and mark stable.

amd64 stable

x86 stable, last arch!

Thanks, everyone. Closing noglsa for XSS only.

CVE-2012-4533 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4533):
Cross-site scripting (XSS) vulnerability in the "extra" details in the diff function in lib/viewvc.py in ViewVC 1.0.x before 1.0.13 and 1.1.x before 1.1.16 allows remote authenticated users with repository commit access to inject arbitrary web script or HTML via the "function name" line.
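The defect class named in the CVE text, as an added illustration that is not ViewVC's code: the "extra" text on a unified-diff hunk header (the function-name context after the second `@@`) is copied from the committed file, so whoever has commit access controls it, and a diff viewer that interpolates it verbatim into HTML lets the browser parse it as markup. The sample diff, the row markup and all function names below are constructed for this example; the hardened path simply HTML-escapes every diff-derived fragment, and a small check confirms that no raw angle brackets survive inside the rendered extra spans.

```python
import html
import re

# Hunk header of a unified diff: "@@ -start,count +start,count @@", optionally
# followed by "extra" context that diff tools copy from the source file
# (typically the enclosing function's signature). That trailing text comes
# straight from the committed file, so anyone with commit access controls it.
HUNK_HEADER = re.compile(r'^(@@ -\d+(?:,\d+)? \+\d+(?:,\d+)? @@)(.*)$')

# Constructed sample diff (not from the bug report). The C++ template types in
# the function-name line contain angle brackets, which is enough to show why
# the extra text must be escaped even when nobody is being malicious.
SAMPLE_DIFF = """\
--- a/tree.cc
+++ b/tree.cc
@@ -10,3 +10,4 @@ void Tree<T>::insert(Node<T> *n)
   if (n == nullptr)
-    return;
+    return;  // <b>nothing to do</b>
+  count++;
"""


def split_hunk_header(line):
    """Split a hunk header into (ranges, extra); return None for any other line."""
    m = HUNK_HEADER.match(line)
    if m is None:
        return None
    return m.group(1), m.group(2).strip()


def render_diff(diff_text, escape_extra=True):
    """Render unified-diff lines as HTML table rows (hypothetical markup).

    Content lines are always escaped. With escape_extra=False the hunk
    header's extra text is interpolated verbatim, which is the defect class
    the advisory describes; escape_extra=True is the hardened behaviour.
    """
    rows = []
    for line in diff_text.splitlines():
        parts = split_hunk_header(line)
        if parts is not None:
            ranges, extra = parts
            extra_html = html.escape(extra, quote=True) if escape_extra else extra
            rows.append('<tr class="hunk"><td>%s <span class="extra">%s</span></td></tr>'
                        % (html.escape(ranges, quote=True), extra_html))
        elif line.startswith('+'):
            rows.append('<tr class="add"><td>%s</td></tr>' % html.escape(line, quote=True))
        elif line.startswith('-'):
            rows.append('<tr class="del"><td>%s</td></tr>' % html.escape(line, quote=True))
        else:
            rows.append('<tr class="ctx"><td>%s</td></tr>' % html.escape(line, quote=True))
    return '\n'.join(rows)


def extra_spans_are_inert(rendered):
    """Defender-side check: no '<' or '>' may survive inside an extra span.

    Returns True when every <span class="extra">...</span> body is free of raw
    angle brackets, i.e. the browser cannot parse it as markup.
    """
    bodies = re.findall(r'<span class="extra">(.*?)</span>', rendered, re.S)
    return all('<' not in b and '>' not in b for b in bodies)


if __name__ == '__main__':
    # Side by side: the verbatim rendering and the escaped one.
    print(render_diff(SAMPLE_DIFF, escape_extra=False))
    print()
    print(render_diff(SAMPLE_DIFF))
```

The check in `extra_spans_are_inert` is the kind of assertion worth keeping in a template's test suite: it catches a regression in exactly the spot the 1.1.16 fix covers, independent of which escaping helper the templating layer uses.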