353243 – (CVE-2010-3854) <dev-db/couchdb-1.0.2: Cross Site Scripting Issue (CVE-2010-3854)

Bug 353243 (CVE-2010-3854) - <dev-db/couchdb-1.0.2: Cross Site Scripting Issue (CVE-2010-3854)

Summary: <dev-db/couchdb-1.0.2: Cross Site Scripting Issue (CVE-2010-3854)

Status:	RESOLVED FIXED

Alias:	CVE-2010-3854

Product:	Gentoo Security
Classification:	Unclassified
Component:	Vulnerabilities (show other bugs)
Hardware:	All Linux

Importance:	High minor (vote)
Assignee:	Gentoo Security

URL:
Whiteboard:	B4 [noglsa]
Keywords:

Depends on:	353304
Blocks:
	Show dependency tree

Reported:	2011-01-30 17:14 UTC by Dirkjan Ochtman (RETIRED)
Modified:	2011-02-12 19:07 UTC (History)
CC List:	0 users

See Also:
Package list:
Runtime testing required:	---

Attachments
Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.

Description Dirkjan Ochtman (RETIRED) gentoo-dev

2011-01-30 17:14:00 UTC

Versions Affected:
Apache CouchDB 0.8.0 to 1.0.1

I've just committed 1.0.2 to the tree, which is a bugfix release for the 1.0.x series. Proceed with stabilization ASAP?

Comment 1 Paweł Hajdan, Jr. (RETIRED) gentoo-dev

2011-01-30 17:18:35 UTC

Yes. Arches, please test and stabilize =dev-db/couchdb-1.0.2

Comment 2 Christian Faulhammer (RETIRED) gentoo-dev

2011-02-05 00:16:13 UTC

No problems here, x86 stable

Comment 3 Kacper Kowalik (Xarthisius) (RETIRED) gentoo-dev

2011-02-08 18:42:34 UTC

ppc stable

Comment 4 Markos Chandras (RETIRED) gentoo-dev

2011-02-10 23:44:57 UTC

amd64 done

Comment 5 Tim Sammut (RETIRED) gentoo-dev

2011-02-12 19:07:25 UTC

Thanks, folks. Closing noglsa for XSS.