Re: pkg/44263: ViewVC 1.0.10 has a cross-site-scripting vulnerability

To: pkg-manager%netbsd.org@localhost,gnats-admin%netbsd.org@localhost,pkgsrc-bugs%netbsd.org@localhost,cfuhrman%panix.com@localhost
Subject: Re: pkg/44263: ViewVC 1.0.10 has a cross-site-scripting vulnerability
From: "OBATA Akio" <obache%netbsd.org@localhost>
Date: Thu, 23 Dec 2010 02:50:04 +0000 (UTC)

The following reply was made to PR pkg/44263; it has been noted by GNATS.

From: "OBATA Akio" <obache%netbsd.org@localhost>
To: gnats-bugs%netbsd.org@localhost
Cc: 
Subject: Re: pkg/44263: ViewVC 1.0.10 has a cross-site-scripting vulnerability
Date: Thu, 23 Dec 2010 11:46:45 +0900

 On Thu, 23 Dec 2010 02:55:00 +0900, <cfuhrman%panix.com@localhost> wrote:

 > Apply the following patch to update to viewvc-1.0.12.  Tarball located at 
 > http://viewvc.tigris.org/files/documents/3330/47621/viewvc-1.0.12.tar.gz

 It is impossible to fetch it if fetch command does not support cookie (or 
cookie is disabled),
 or failed to infinity redirect.
 It is because that I gave up update it.

 I saw it in other times, but fixed while I was unaware.
 Then I don't know that it is a temporary issue or not.

 -- 
 OBATA Akio / obache%NetBSD.org@localhost

Prev by Date: pkg/44263: ViewVC 1.0.10 has a cross-site-scripting vulnerability
Next by Date: pkg/44266: minor discrepancy between print/xpdf xpdfrc(5) manpage and print/xpdf-japanese
Previous by Thread: pkg/44263: ViewVC 1.0.10 has a cross-site-scripting vulnerability
Next by Thread: pkg/44266: minor discrepancy between print/xpdf xpdfrc(5) manpage and print/xpdf-japanese
Indexes:

Home | Main Index | Thread Index | Old Index