433109 – <www-apps/dokuwiki-20120125b XSS vulnerability

Bug 433109 - <www-apps/dokuwiki-20120125b XSS vulnerability

Summary: <www-apps/dokuwiki-20120125b XSS vulnerability

Status:	RESOLVED DUPLICATE of bug 427232

Alias:	None

Product:	Gentoo Security
Classification:	Unclassified
Component:	Vulnerabilities (show other bugs)
Hardware:	All Linux

Importance:	Normal minor (vote)
Assignee:	Gentoo Security

URL:	https://bugs.dokuwiki.org/index.php?d...
Whiteboard:	B4 [ebuild]
Keywords:

Depends on:
Blocks:

Reported:	2012-08-28 22:31 UTC by Philippe Chaintreuil
Modified:	2012-12-24 18:05 UTC (History)
CC List:	2 users (show)

See Also:
Package list:
Runtime testing required:	---

Attachments
Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.

Description Philippe Chaintreuil 2012-08-28 22:31:47 UTC

DokuWiki has released a patched version of their latest release to fix a XSS bug.

Simple version bump to the ebuild to www-apps/dokuwiki-20090214b (ie, just rename www-apps/dokuwiki-20090214a) works for me.

The old version (dokuwiki-20120125a) should probably be removed.

Reproducible: Always

Comment 1 Tobias Heinlein (RETIRED) gentoo-dev

2012-10-18 08:13:00 UTC

Thanks for reporting. However, this is a duplicate of bug 427232.

*** This bug has been marked as a duplicate of bug 427232 ***

Comment 2 Lance Albertson (RETIRED) gentoo-dev

2012-12-24 18:05:53 UTC

FWIW I just bumped dokuwiki to 20121013. Feel free to mark stable after tests have checked it out. I'm not sure if it has the fix for it or not.