-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Package : viewvc Version : 1.1.5-1.4+deb7u1 CVE ID : CVE-2017-5938 Debian Bug : 854681
Thomas Gerbet discovered that viewvc, a web interface for CVS and Subversion repositories, did not properly sanitize user input. This issue resulted in a potential Cross-Site Scripting vulnerability. For Debian 7 "Wheezy", these problems have been fixed in version 1.1.5-1.4+deb7u1. We recommend that you upgrade your viewvc packages. Further information about Debian LTS security advisories, how to apply these updates to your system and frequently asked questions can be found at: https://wiki.debian.org/LTS -----BEGIN PGP SIGNATURE----- iQKTBAEBCgB9FiEErPPQiO8y7e9qGoNf2a0UuVE7UeQFAlic9C9fFIAAAAAALgAo aXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldEFD RjNEMDg4RUYzMkVERUY2QTFBODM1RkQ5QUQxNEI5NTEzQjUxRTQACgkQ2a0UuVE7 UeTuzQ//csp/sO+hyrFZhGvYFodh2om4ba+sZ6cTZweOFEiZHexguqnzWUz5gOGl YUCX5/KJWuemkFFuDcJfJcsDH8bGC0S0KdNq5n3xtCL/a6VAdUjGYwVaEW0OSBuT W/zusCjuCSgsRhy/bznZZ0XphT0h4G2/kp0qgl9NfEentWUnQ+WC6ZHXaOyaNu26 iYK3O39qz5cxChKfBzxdnT7bjdGj8XQlYe692ZLCvVNFH/zmTq+wQhjbcDqbwkgX zdAOUUPWhBgDTysX7UTvzOIDcARjl5EB0ubYcvchRFvRMAV2vtPzVKodR8Yz1pyP f1Ebd5r40JLtIMQjA7LCV7c8QmxvpJgK2cdIZhsXVI5Of/jEq5nahDeBTKNGNEIK 7UDXZMrbg74nOm0g+ibBq84a8D37o4pcet9kh2bKJqA5GmJ0dgtJlgo3Ay/mURkN QEOuzvJ2D1r5oJZIYDjJlgDR/a02TgGOg95nOWRzd6zTJZ6L6HJ9hbyH/JXCyJgG MyZtvEW/L2fOfZgxKO+coycWRxhWM70U4a6t82R1SfBNRz7jC8BfICLimLu2pt1J Qe4Gp5mpLp/7YsmHhDhBbuU4usoGKt2H3VVlTzwFaeNLACDdeWu2O3H0yhX1BNqA qRED8lr8lACEk1P5Kgk4+SlDb8TwOlW4LxhmdEQQRzbWFREEeZI= =lYTB -----END PGP SIGNATURE-----
