Mandriva Linux Security Advisory : viewvc (MDVSA-2013:134)

Updated viewvc packages fix security vulnerabilities : complete authz support for remote SVN views CVE-2012-3356. log msg leak in SVN revision view with unreadable copy source CVE-2012-3357. function name lines returned by diff are not properly escaped, allowing attackers with commit access to...

CVE-2012-4533

This CVE affects ViewVC 1.0.x before 1.0.13 and 1.1.x before 1.1.16, where an XSS exists in the DiffSource._get_row function (lib/viewvc.py). The vulnerability allows remote authenticated users with repository commit access to inject arbitrary web script or HTML via the "function name" line in th...

Fedora Update for viewvc FEDORA-2012-16674

The remote host is missing an update for the SPDX-FileCopyrightText: 2012 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptxrefname:"URL",...

[SECURITY] [DSA 2563-1] viewvc security update

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - ------------------------------------------------------------------------- Debian Security Advisory DSA-2563-1 [email protected] http://www.debian.org/security/ Thijs Kinkhorst October 23, 2012 http://www.debian.org/security/faq -...

Debian: Security Advisory (DSA-2563-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2012 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

[SECURITY] [DSA 2563-1] viewvc security update

------------------------------------------------------------------------- Debian Security Advisory DSA-2563-1 [email protected] http://www.debian.org/security/ Thijs Kinkhorst October 23, 2012 http://www.debian.org/security/faq -...