rpms/viewvc/EL-5 sources,1.7,1.8 viewvc.spec,1.7,1.8

bojan bojan at fedoraproject.org
Tue Aug 11 22:25:23 UTC 2009 

Author: bojan

Update of /cvs/pkgs/rpms/viewvc/EL-5
In directory cvs1.fedora.phx.redhat.com:/tmp/cvs-serv31427

Modified Files:
	sources viewvc.spec 
Log Message:
Bump up to 1.0.9.
Two security fixes.


Index: sources
===================================================================
RCS file: /cvs/pkgs/rpms/viewvc/EL-5/sources,v
retrieving revision 1.7
retrieving revision 1.8
diff -u -p -r1.7 -r1.8
--- sources	7 May 2009 06:56:29 -0000	1.7
+++ sources	11 Aug 2009 22:25:23 -0000	1.8
@@ -1 +1 @@
-2070392e6f9ce537f7f1b2daf9c7a216  viewvc-1.0.8.tar.gz
+5aa48bb866f65bfcf32aa0cd581bf7d3  viewvc-1.0.9.tar.gz


Index: viewvc.spec
===================================================================
RCS file: /cvs/pkgs/rpms/viewvc/EL-5/viewvc.spec,v
retrieving revision 1.7
retrieving revision 1.8
diff -u -p -r1.7 -r1.8
--- viewvc.spec	7 May 2009 06:56:29 -0000	1.7
+++ viewvc.spec	11 Aug 2009 22:25:23 -0000	1.8
@@ -16,7 +16,7 @@
 
 
 Name:           viewvc
-Version:        1.0.8
+Version:        1.0.9
 Release:        1%{?dist}
 Summary:        Browser interface for CVS and SVN version control repositories
 
@@ -126,6 +126,11 @@ This version only supports CVS repositor
 %attr(0700,apache,apache) %{_localstatedir}/spool/viewvc
 
 %changelog
+* Wed Aug 12 2009 Bojan Smojver <bojan at rexursive.com> - 1.0.9-1
+- bump up to 1.0.9
+- security fix: validate the 'view' parameter to avoid XSS attack
+- security fix: avoid printing illegal parameter names and values
+
 * Thu May  7 2009 Bojan Smojver <bojan at rexursive.com> - 1.0.8-1
 - Bump up to 1.0.8

More information about the fedora-extras-commits mailing list