CVE-2021-32305: WebSVN before 2.6.1 allows remote attackers to execute arbitrary commands via shell metacharacters in the search parameter. For once, the CVE text is correct and the pull request's patch is indeed in 2.6.1. Please bump.
Ping.
Package list is empty or all packages have requested keywords.
Ping
The bug has been referenced in the following commit(s): https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=1a0af351ba184ecd777f9b6190bb72dfd13c7a41 commit 1a0af351ba184ecd777f9b6190bb72dfd13c7a41 Author: John Helmert III <ajak@gentoo.org> AuthorDate: 2021-11-12 03:39:21 +0000 Commit: John Helmert III <ajak@gentoo.org> CommitDate: 2021-11-12 03:40:04 +0000 profiles: last-rite www-apps/websvn Bug: https://bugs.gentoo.org/672352 Bug: https://bugs.gentoo.org/794511 Signed-off-by: John Helmert III <ajak@gentoo.org> profiles/package.mask | 5 +++++ 1 file changed, 5 insertions(+)
The bug has been referenced in the following commit(s): https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=35123aec38bbe8638bdfd2c6606b65fdd25a04b6 commit 35123aec38bbe8638bdfd2c6606b65fdd25a04b6 Author: Jakov Smolić <jsmolic@gentoo.org> AuthorDate: 2021-12-11 16:09:17 +0000 Commit: Jakov Smolić <jsmolic@gentoo.org> CommitDate: 2021-12-11 16:09:17 +0000 www-apps/websvn: treeclean Closes: https://bugs.gentoo.org/672352 Bug: https://bugs.gentoo.org/794511 Signed-off-by: Jakov Smolić <jsmolic@gentoo.org> profiles/package.mask | 5 -- www-apps/websvn/Manifest | 1 - .../websvn/files/13_security_CVE-2013-6892.patch | 39 -------------- www-apps/websvn/files/30_CVE-2016-2511.patch | 11 ---- www-apps/websvn/files/31_CVE-2016-1236.patch | 61 ---------------------- www-apps/websvn/metadata.xml | 13 ----- www-apps/websvn/websvn-2.3.3-r1.ebuild | 53 ------------------- 7 files changed, 183 deletions(-)
commit 35123aec38bbe8638bdfd2c6606b65fdd25a04b6 Author: Jakov Smolić <jsmolic@gentoo.org> Date: Sat Dec 11 17:09:17 2021 +0100 www-apps/websvn: treeclean
