viewvc-1.3.0~dev20250722-1.1 on GA media (moderate)

viewvc-1.3.0dev20250722-1.1 on GA media Announcement ID: openSUSE-SU-2025:15374-1 Rating: moderate Cross-References: CVE-2025-54141 CVSS scores: CVE-2025-54141 SUSE : 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N CVE-2025-54141 SUSE : 8.7...

OPENSUSE-SU-2025:15374-1 viewvc-1.3.0~dev20250722-1.1 on GA media

These are all security issues fixed in the viewvc-1.3.0dev20250722-1.1 package on the GA media of openSUSE Tumbleweed...

Mageia: Security Advisory (MGASA-2020-0221)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Mageia: Security Advisory (MGASA-2017-0048)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

MGASA-2020-0221 Updated viewvc packages fix security vulnerability

Updated viewvc package fixes security vulnerability: ViewVC before versions 1.1.28 has an XSS vulnerability in CVS showsubdirlastmod support. The impact of this vulnerability is mitigated by the need for an attacker to have commit privileges to a CVS repository exposed by an otherwise trusted...

MGASA-2017-0048 Updated viewvc packages fix security vulnerability

Thomas Gerbet discovered that viewvc, a web interface for CVS and Subversion repositories, did not properly sanitize user input. This problem resulted in a potential Cross-Site Scripting vulnerability CVE-2017-5938. The viewvc package has been updated to version 1.1.26 which fixes this issue...

Debian: Security Advisory (DSA-3784-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Fedora 11 : viewvc-1.1.5-1.fc11 (2010-5507)

Full changelog: http://viewvc.tigris.org/source/browse/viewvc/trunk/CHANGES?r evision=2359&view=markup&pathrev=HEAD - security fix: escape user-provided searchre input to avoid XSS attack Note that Tenable Network Security has extracted the preceding description block directly from the Fedora...

Fedora 8 : viewvc-1.0.6-1.fc8 (2008-8270)

Security fix: ignore arbitrary user-provided MIME types ViewVC issue 354: http://viewvc.tigris.org/issues/showbug.cgi?id=354 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean an...