oss-sec mailing list archives

Previous By Date Next
Previous By Thread Next

Re: CVE Request: viewvc

From: Kurt Seifried <kseifried () redhat com>
Date: Mon, 25 Jun 2012 13:59:55 -0600
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

On 06/25/2012 06:03 AM, Ludwig Nussel wrote:

Hi,

Changelog of viewvc 1.1.15: 
http://viewvc.tigris.org/source/browse/*checkout*/viewvc/tags/1.1.15/CHANGES



Version 1.1.15 (released 22-Jun-2012)

* security fix: complete authz support for remote SVN views (issue
#353)


Please use CVE-2012-3356 for this issue


* security fix: log msg leak in SVN revision view with unreadable
copy source


Please use CVE-2012-3357 for this issue



The first one seems to be this one: 
http://viewvc.tigris.org/source/browse/viewvc?view=rev&revision=2758

 The second one: 
http://viewvc.tigris.org/issues/show_bug.cgi?id=353 
http://viewvc.tigris.org/source/browse/viewvc?view=rev&revision=2755



http://viewvc.tigris.org/source/browse/viewvc?view=rev&revision=2756

http://viewvc.tigris.org/source/browse/viewvc?view=rev&revision=2757



http://viewvc.tigris.org/source/browse/viewvc?view=rev&revision=2759

http://viewvc.tigris.org/source/browse/viewvc?view=rev&revision=2760

 cu Ludwig




- -- 
Kurt Seifried Red Hat Security Response Team (SRT)
PGP: 0x5E267993 A90B F995 7350 148F 66BF 7554 160D 4553 5E26 7993

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.12 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/

iQIcBAEBAgAGBQJP6MM6AAoJEBYNRVNeJnmTw74QANaDGEyGk2EV0CtjDBAdDzJz
JgTbhuVWRQtCqtyUuyFmNte0znTZontJcYE3URRSMR0lIc8EyjKRhpe1ya5wdxhr
OqJWOUHtCDdvCyYtIFQ4FiY6biOFcmMO9g7xcf2F/ZbXYQXLhB/TmHKDAt0p+yaH
LN8E1mPVeldT8kXikarmcjBv8qU5rUue24bOAfrht+9rtLbNCcvKgnLl1r7JoCeu
3DJjPHA+34Bx9CNotjHlVU+6qt3nfo3V8Re9nqUf7drNGV12c+InKItbDVcFHZrf
4+RXOo8oZYrjXDoxWs64NXl8qfQ6d8ee9iOKW1oAyN5kswfxnl70eOm1nEPsW5zN
c635Ds9R4nY+VHAgrbM6kkZl5tIykFQP3KbecAG5+CPW72no+IV3fmeyYOq7Wp1G
ib6weGQF5fhvS1U/zUYgxyoG7Y3DCm+B9OFPphBld3s0eUMLAHX8njGuKIjDNrmA
NZ+r68Mj1ZFxRi1yv2GHMQjI8652Qlv76Xtpn0RqozTBVF7Ium7gwfdpw88+bjPP
ocjJUMR3QrCX8a29JxQMAnhpRx4hNtk7uJHu/YMkNrJ+LCQ7SJSxki+vdmkqvuFW
vZs0N0kXauNtSlgas4pf1M1JK+eqqh9MMIKKL0W6d3JQyujRKwJejIMMU8hm/TeJ
/gHBurbMC80AH0u0B18y
=/CS1
-----END PGP SIGNATURE-----
Previous By Date Next
Previous By Thread Next

Current thread: