[ReviewBoard/el5] New upstream security release 1.5.7 Security Fixes: A script injection vulnerability was discovered
Stephen Gallagher
sgallagh at fedoraproject.org
Tue Nov 15 12:54:46 UTC 2011
commit f74a689e17b3b8f720c0fb152ad7df561544d1e0
Author: Stephen Gallagher <sgallagh at redhat.com>
Date: Tue Nov 15 07:49:05 2011 -0500
New upstream security release 1.5.7
Security Fixes:
A script injection vulnerability was discovered in the commenting system.
This affected the diff viewer and screenshot pages, and allowed a
commenter to break the page and execute JavaScript
.gitignore | 1 +
ReviewBoard.spec | 13 ++++++++++---
sources | 2 +-
3 files changed, 12 insertions(+), 4 deletions(-)
---
diff --git a/.gitignore b/.gitignore
index 91b91e4..cf6f9ca 100644
--- a/.gitignore
+++ b/.gitignore
@@ -6,3 +6,4 @@
/ReviewBoard-1.5.4.tar.gz
/ReviewBoard-1.5.5.tar.gz
/ReviewBoard-1.5.6.tar.gz
+/ReviewBoard-1.5.7.tar.gz
diff --git a/ReviewBoard.spec b/ReviewBoard.spec
index abca207..254d6a6 100644
--- a/ReviewBoard.spec
+++ b/ReviewBoard.spec
@@ -1,8 +1,8 @@
%{!?python_sitelib: %define python_sitelib %(%{__python} -c "from distutils.sysconfig import get_python_lib; print get_python_lib()")}
Name: ReviewBoard
-Version: 1.5.6
-Release: 3%{?dist}
+Version: 1.5.7
+Release: 1%{?dist}
Summary: Web-based code review tool
Group: Applications/Internet
License: MIT
@@ -22,7 +22,7 @@ Requires: pysvn
Requires: python-flup
Requires: python-nose
Requires: pytz
-Requires: python-pygments >= 1.1.1
+Requires: python-pygments >= 1.4
Requires: django-evolution >= 0.6.5
Requires: python-recaptcha-client
Requires: python-paramiko
@@ -94,6 +94,13 @@ rm -rf $RPM_BUILD_ROOT
%{python_sitelib}/webtests/*.py*
%changelog
+* Tue Nov 15 2011 Stephen Gallagher <sgallagh at redhat.com> - 1.5.7-1
+- New upstream security release 1.5.7
+- Security Fixes:
+- A script injection vulnerability was discovered in the commenting system.
+ This affected the diff viewer and screenshot pages, and allowed a
+ commenter to break the page and execute JavaScript
+
* Fri Sep 23 2011 Stephen Gallagher <sgallagh at redhat.com> - 1.5.6-3
- Resolves: rhbz#739209 - rb-site install failed with AttributeError: 'module'
object has no attribute 'image_new_from_file'
diff --git a/sources b/sources
index 71d610f..ad152d2 100644
--- a/sources
+++ b/sources
@@ -1 +1 @@
-628484aea4d65ef1d1bf233f82084935 ReviewBoard-1.5.6.tar.gz
+02ca45f008e35ccd2f54d7ee829c9be5 ReviewBoard-1.5.7.tar.gz
More information about the scm-commits
mailing list