[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

[SECURITY] [DLA 820-1] viewvc security update



-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Package        : viewvc
Version        : 1.1.5-1.4+deb7u1
CVE ID         : CVE-2017-5938
Debian Bug     : 854681

Thomas Gerbet discovered that viewvc, a web interface for CVS and
Subversion repositories, did not properly sanitize user input. This
issue resulted in a potential Cross-Site Scripting vulnerability.

For Debian 7 "Wheezy", these problems have been fixed in version
1.1.5-1.4+deb7u1.

We recommend that you upgrade your viewvc packages.

Further information about Debian LTS security advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://wiki.debian.org/LTS
-----BEGIN PGP SIGNATURE-----

iQKTBAEBCgB9FiEErPPQiO8y7e9qGoNf2a0UuVE7UeQFAlic9C9fFIAAAAAALgAo
aXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldEFD
RjNEMDg4RUYzMkVERUY2QTFBODM1RkQ5QUQxNEI5NTEzQjUxRTQACgkQ2a0UuVE7
UeTuzQ//csp/sO+hyrFZhGvYFodh2om4ba+sZ6cTZweOFEiZHexguqnzWUz5gOGl
YUCX5/KJWuemkFFuDcJfJcsDH8bGC0S0KdNq5n3xtCL/a6VAdUjGYwVaEW0OSBuT
W/zusCjuCSgsRhy/bznZZ0XphT0h4G2/kp0qgl9NfEentWUnQ+WC6ZHXaOyaNu26
iYK3O39qz5cxChKfBzxdnT7bjdGj8XQlYe692ZLCvVNFH/zmTq+wQhjbcDqbwkgX
zdAOUUPWhBgDTysX7UTvzOIDcARjl5EB0ubYcvchRFvRMAV2vtPzVKodR8Yz1pyP
f1Ebd5r40JLtIMQjA7LCV7c8QmxvpJgK2cdIZhsXVI5Of/jEq5nahDeBTKNGNEIK
7UDXZMrbg74nOm0g+ibBq84a8D37o4pcet9kh2bKJqA5GmJ0dgtJlgo3Ay/mURkN
QEOuzvJ2D1r5oJZIYDjJlgDR/a02TgGOg95nOWRzd6zTJZ6L6HJ9hbyH/JXCyJgG
MyZtvEW/L2fOfZgxKO+coycWRxhWM70U4a6t82R1SfBNRz7jC8BfICLimLu2pt1J
Qe4Gp5mpLp/7YsmHhDhBbuU4usoGKt2H3VVlTzwFaeNLACDdeWu2O3H0yhX1BNqA
qRED8lr8lACEk1P5Kgk4+SlDb8TwOlW4LxhmdEQQRzbWFREEeZI=
=lYTB
-----END PGP SIGNATURE-----


Reply to: