openSUSE Security Update : viewvc (openSUSE-SU-2012:0831-1)

update to 1.1.15 bnc768680 : - security fix: complete authz support for remote SVN views CVE-2012-3356 - security fix: log msg leak in SVN revision view with unreadable copy source CVE-2012-3357 Additionally the following non-security issues have been addressed : - fix several instances of...

Mandriva Linux Security Advisory : viewvc (MDVSA-2013:134)

Updated viewvc packages fix security vulnerabilities : complete authz support for remote SVN views CVE-2012-3356. log msg leak in SVN revision view with unreadable copy source CVE-2012-3357. function name lines returned by diff are not properly escaped, allowing attackers with commit access to...

[SECURITY] [DSA 2563-1] viewvc security update

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - ------------------------------------------------------------------------- Debian Security Advisory DSA-2563-1 [email protected] http://www.debian.org/security/ Thijs Kinkhorst October 23, 2012 http://www.debian.org/security/faq -...

Debian: Security Advisory (DSA-2563-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2012 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Debian DSA-2563-1 : viewvc - several vulnerabilities

Several vulnerabilities were found in ViewVC, a web interface for CVS and Subversion repositories. - CVE-2009-5024 Remote attackers can bypass the cvsdb rowlimit configuration setting, and consequently conduct resource-consumption attacks via the limit parameter. - CVE-2012-3356 The remote...

[SECURITY] [DSA 2563-1] viewvc security update

------------------------------------------------------------------------- Debian Security Advisory DSA-2563-1 [email protected] http://www.debian.org/security/ Thijs Kinkhorst October 23, 2012 http://www.debian.org/security/faq -...

Fedora Update for viewvc FEDORA-2012-9433

Check for the Version of viewvc OpenVAS Vulnerability Test Fedora Update for viewvc FEDORA-2012-9433 Authors: System Generated Check Copyright: Copyright c 2012 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the term...

Fedora Update for viewvc FEDORA-2012-9433

The remote host is missing an update for the SPDX-FileCopyrightText: 2012 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptxrefname:"URL",...

CVE-2012-3357

CVE-2012-3357 affects ViewVC prior to 1.1.15. The Subversion revision view mishandles log messages when a readable path is copied from an unreadable path, enabling remote disclosure of sensitive information. The issue arises in lib/vclib/svn/svn_repos.py due to improper handling of log messages a...