-------------------------------------------------------------------------------- Fedora EPEL Update Notification FEDORA-EPEL-2011-4998 2011-11-15 21:18:24 --------------------------------------------------------------------------------

Name : ReviewBoard Product : Fedora EPEL 6 Version : 1.5.7 Release : 1.el6 URL : http://www.review-board.org Summary : Web-based code review tool Description : Review Board is a powerful web-based code review tool that offers developers an easy way to handle code reviews. It scales well from small projects to large companies and offers a variety of tools to take much of the stress and time out of the code review process.

-------------------------------------------------------------------------------- Update Information:

- New upstream security release 1.5.7 - Security Fixes: - A script injection vulnerability was discovered in the commenting system. This affected the diff viewer and screenshot pages, and allowed a commenter to break the page and execute JavaScript -------------------------------------------------------------------------------- References:

[ 1 ] Bug #754130 - CVE-2011-4312 ReviewBoard: XSS in the commenting system (diff viewer and screenshot pages) [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=754130 --------------------------------------------------------------------------------

This update can be installed with the "yum" update programs. Use su -c 'yum update ReviewBoard' at the command line. For more information, refer to "Managing Software with yum", available at http://docs.fedoraproject.org/yum/.

All packages are signed with the Fedora EPEL GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/keys --------------------------------------------------------------------------------