[SECURITY] Fedora EPEL 5 Update: viewvc-1.1.4-1.el5

Tue Mar 16 19:33:08 UTC 2010

--------------------------------------------------------------------------------
Fedora EPEL Update Notification
FEDORA-EPEL-2010-2396
2010-03-12 02:54:02
--------------------------------------------------------------------------------

Name        : viewvc
Product     : Fedora EPEL 5
Version     : 1.1.4
Release     : 1.el5
URL         : http://www.viewvc.org/
Summary     : Browser interface for CVS and SVN version control repositories
Description :
ViewVC is a browser interface for CVS and Subversion version control
repositories. It generates templatized HTML to present navigable directory,
revision, and change log listings. It can display specific versions of files
as well as diffs between those versions. Basically, ViewVC provides the bulk
of the report-like functionality you expect out of your version control tool,
but much more prettily than the average textual command-line program output.

--------------------------------------------------------------------------------
Update Information:

Update to upstream version 1.1.4, fixing one XSS flaw and several bugs:  *
http://viewvc.tigris.org/source/browse/viewvc/trunk/CHANGES?revision=2341  *
security fix: escape user-provided query form input to avoid XSS attack  * fix
standalone.py failure (when per-root options aren't used) (issue #445)  * fix
annotate failure caused by ignored svn_config_dir (issue #447)
--------------------------------------------------------------------------------

This update can be installed with the "yum" update programs.  Use
su -c 'yum update viewvc' at the command line.
For more information, refer to "Managing Software with yum",
available at http://docs.fedoraproject.org/yum/.

All packages are signed with the Fedora EPEL GPG key.  More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------