MGASA-2017-0048

See a problem?
Please try reporting it to the source first.

Source

https://advisories.mageia.org/MGASA-2017-0048.html

Import Source

https://advisories.mageia.org/MGASA-2017-0048.json

JSON Data

https://api.test.osv.dev/v1/vulns/MGASA-2017-0048

Related

CVE-2017-5938

Published

2017-02-18T16:29:09Z

Modified

2017-02-18T15:40:54Z

Summary

Updated viewvc packages fix security vulnerability

Details

Thomas Gerbet discovered that viewvc, a web interface for CVS and Subversion repositories, did not properly sanitize user input. This problem resulted in a potential Cross-Site Scripting vulnerability (CVE-2017-5938).

The viewvc package has been updated to version 1.1.26 which fixes this issue.

References

https://advisories.mageia.org/MGASA-2017-0048.html
https://bugs.mageia.org/show_bug.cgi?id=20262
https://www.debian.org/security/2017/dsa-3784

Credits

- Mageia - COORDINATOR
- - https://wiki.mageia.org/en/Packages_Security_Team

MGASA-2017-0048

Affected packages