[SECURITY] Fedora 11 Update: viewvc-1.1.2-2.fc11

updates at fedoraproject.org updates at fedoraproject.org
Wed Aug 12 20:55:43 UTC 2009 

--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2009-8507
2009-08-12 20:24:52
--------------------------------------------------------------------------------

Name        : viewvc
Product     : Fedora 11
Version     : 1.1.2
Release     : 2.fc11
URL         : http://www.viewvc.org/
Summary     : Browser interface for CVS and SVN version control repositories
Description :
ViewVC is a browser interface for CVS and Subversion version control
repositories. It generates templatized HTML to present navigable directory,
revision, and change log listings. It can display specific versions of files
as well as diffs between those versions. Basically, ViewVC provides the bulk
of the report-like functionality you expect out of your version control tool,
but much more prettily than the average textual command-line program output.

--------------------------------------------------------------------------------
Update Information:

CHANGES in 1.1.2:    - security fix: validate the 'view' parameter to avoid XSS
attack  - security fix: avoid printing illegal parameter names and values  - add
optional support for character encoding detection (issue #400)  - fix username
case handling in svnauthz module (issue #419)  - fix cvsdbadmin/svnadmin rebuild
error on missing repos (issue #420)  - don't drop leading blank lines from
colorized file contents (issue #422)  - add file.ezt template logic for
optionally hiding binary file contents    Also includes:    Install and populate
mimetypes.conf. This should hopefully help when colouring syntax using pygments.
Install and populate mimetypes.conf.
--------------------------------------------------------------------------------
ChangeLog:

* Wed Aug 12 2009 Bojan Smojver <bojan at rexursive.com> - 1.1.2-2
- fix replacement of varius config variables
* Wed Aug 12 2009 Bojan Smojver <bojan at rexursive.com> - 1.1.2-1
- bump up to 1.1.2
- security fix: validate the 'view' parameter to avoid XSS attack
- security fix: avoid printing illegal parameter names and values
* Tue Aug 11 2009 Bojan Smojver <bojan at rexursive.com> - 1.1.1-2
- install mimetypes.conf
- populate mimetypes.conf with what pygments understands
* Thu Jun  4 2009 Bojan Smojver <bojan at rexursive.com> - 1.1.1-1
- Bump up to 1.1.1
* Thu May 14 2009 Bojan Smojver <bojan at rexursive.com> - 1.1.0-1
- Final 1.1.0
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #516958 - default viewvc.conf changed, paths need fixing
        https://bugzilla.redhat.com/show_bug.cgi?id=516958
  [ 2 ] Bug #514909 - RFE: mimetypes.conf should be in /etc/viewvc/
        https://bugzilla.redhat.com/show_bug.cgi?id=514909
  [ 3 ] Bug #514773 - syntax highlighting not working
        https://bugzilla.redhat.com/show_bug.cgi?id=514773
--------------------------------------------------------------------------------

This update can be installed with the "yum" update program.  Use 
su -c 'yum update viewvc' at the command line.
For more information, refer to "Managing Software with yum",
available at http://docs.fedoraproject.org/yum/.

All packages are signed with the Fedora Project GPG key.  More details on the
GPG keys used by the Fedora Project can be found at
http://fedoraproject.org/keys
--------------------------------------------------------------------------------

More information about the Fedora-package-announce mailing list