[ReviewBoard/el6] New upstream security release 1.5.7 Security Fixes: A script injection vulnerability was discovered
Stephen Gallagher
sgallagh at fedoraproject.org
Tue Nov 15 12:59:00 UTC 2011
commit cdf09043a073c3759061eefb6366fc44b8170f89
Author: Stephen Gallagher <sgallagh at redhat.com>
Date: Tue Nov 15 07:49:05 2011 -0500
New upstream security release 1.5.7
Security Fixes:
A script injection vulnerability was discovered in the commenting system.
This affected the diff viewer and screenshot pages, and allowed a
commenter to break the page and execute JavaScript
.gitignore | 1 +
ReviewBoard.spec | 11 +++++++++--
sources | 2 +-
3 files changed, 11 insertions(+), 3 deletions(-)
---
diff --git a/.gitignore b/.gitignore
index 879cb4c..72cf5f7 100644
--- a/.gitignore
+++ b/.gitignore
@@ -7,3 +7,4 @@ ReviewBoard-1.5rc1.tar.gz
/ReviewBoard-1.5.4.tar.gz
/ReviewBoard-1.5.5.tar.gz
/ReviewBoard-1.5.6.tar.gz
+/ReviewBoard-1.5.7.tar.gz
diff --git a/ReviewBoard.spec b/ReviewBoard.spec
index 6580e7e..58c684b 100644
--- a/ReviewBoard.spec
+++ b/ReviewBoard.spec
@@ -1,8 +1,8 @@
%{!?python_sitelib: %define python_sitelib %(%{__python} -c "from distutils.sysconfig import get_python_lib; print get_python_lib()")}
Name: ReviewBoard
-Version: 1.5.6
-Release: 2%{?dist}
+Version: 1.5.7
+Release: 1%{?dist}
Summary: Web-based code review tool
Group: Applications/Internet
License: MIT
@@ -87,6 +87,13 @@ rm -rf $RPM_BUILD_ROOT
%{python_sitelib}/webtests/*.py*
%changelog
+* Tue Nov 15 2011 Stephen Gallagher <sgallagh at redhat.com> - 1.5.7-1
+- New upstream security release 1.5.7
+- Security Fixes:
+- A script injection vulnerability was discovered in the commenting system.
+ This affected the diff viewer and screenshot pages, and allowed a
+ commenter to break the page and execute JavaScript
+
* Mon Aug 29 2011 Stephen Gallagher <sgallagh at redhat.com> - 1.5.6-2
- Fix python-pygments requirement
- ReviewBoard will work with python-pygments >= 1.1.1, but performance may
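Review bot: the new 1.5.7-1 %changelog entry describes the script injection only in prose and carries no upstream advisory, bug number or other tracking reference, so an administrator reading `rpm -q --changelog` cannot tie this build to a specific advisory. If a tracking bug or upstream release-notes link exists, add it as a line in the entry. As a style point, "- Security Fixes:" and "- A script injection vulnerability ..." are written as sibling bullets although the second is the content of the first; merging them into one bullet or indenting the description under the heading would read more clearly, and the final sentence is missing its period.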
diff --git a/sources b/sources
index 71d610f..ad152d2 100644
--- a/sources
+++ b/sources
@@ -1 +1 @@
-628484aea4d65ef1d1bf233f82084935 ReviewBoard-1.5.6.tar.gz
+02ca45f008e35ccd2f54d7ee829c9be5 ReviewBoard-1.5.7.tar.gz
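Review bot: the `sources` entry for ReviewBoard-1.5.7.tar.gz is pinned by a 32-hex-digit MD5 digest only, and MD5 is not collision-resistant, so this line on its own is a weak statement about which tarball the security release was built from. Before uploading, confirm the tarball against a checksum or signature published by upstream, and record a stronger digest where the lookaside tooling supports one.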