viewvc (1.1.5-1.3) unstable; urgency=low
* Non-maintainer upload.
[ gregor herrmann ]
* [SECURITY] Fix "CVE-2012-3356 / CVE-2012-3357":
- CVE-2012-3356: * security fix: complete authz support for remote SVN views
- CVE-2012-3357: * security fix: log msg leak in SVN revision view with
unreadable copy source
Add patches "CVE-2012-3356" and "CVE-2012-3357", taken from upstream svn.
(Closes: #679069)
[ Ben Hutchings ]
* view_query: No longer allow an undocumented URL parameter to
override the admin-declared SQL row limit, which could result
in excessive CPU usage and memory consumption (CVE-2009-5024)
(Closes: #671482)
Date: 2012-10-15 04:24:10.415208+00:00
Signed-By: Micah Gersten <[email protected]>
https://launchpad.net/ubuntu/quantal/+source/viewvc/1.1.5-1.3
Sorry, changesfile not available.
--
Quantal-changes mailing list
[email protected]
Modify settings or unsubscribe at:
https://lists.ubuntu.com/mailman/listinfo/quantal-changes
