[ReviewBoard] New upstream security release 1.6.3 Security Fixes: A script injection vulnerability was discovered
Stephen Gallagher
sgallagh at fedoraproject.org
Tue Nov 15 13:35:56 UTC 2011
commit 2b80d0b5b0f2bf6a962c4cdb8612ef64aa30405f
Author: Stephen Gallagher <sgallagh at redhat.com>
Date: Tue Nov 15 08:37:19 2011 -0500
New upstream security release 1.6.3
Security Fixes:
A script injection vulnerability was discovered in the commenting system.
This affected the diff viewer and screenshot pages, and allowed a
commenter to break the page and execute JavaScript
.gitignore | 1 +
ReviewBoard.spec | 9 ++++++++-
sources | 2 +-
3 files changed, 10 insertions(+), 2 deletions(-)
---
diff --git a/.gitignore b/.gitignore
index ecbaaff..b93a0cc 100644
--- a/.gitignore
+++ b/.gitignore
@@ -12,3 +12,4 @@ ReviewBoard-1.5rc1.tar.gz
/ReviewBoard-1.6rc2.tar.gz
/ReviewBoard-1.6.1.tar.gz
/ReviewBoard-1.6.2.tar.gz
+/ReviewBoard-1.6.3.tar.gz
diff --git a/ReviewBoard.spec b/ReviewBoard.spec
index c5a7332..942881e 100644
--- a/ReviewBoard.spec
+++ b/ReviewBoard.spec
@@ -1,7 +1,7 @@
%{!?python_sitelib: %define python_sitelib %(%{__python} -c "from distutils.sysconfig import get_python_lib; print get_python_lib()")}
Name: ReviewBoard
-Version: 1.6.2
+Version: 1.6.3
Release: 1%{?dist}
Summary: Web-based code review tool
Group: Applications/Internet
@@ -87,6 +87,13 @@ rm -rf $RPM_BUILD_ROOT
%{python_sitelib}/webtests/*.py*
%changelog
+* Tue Nov 15 2011 Stephen Gallagher <sgallagh at redhat.com> - 1.6.3-1
+- New upstream security release 1.6.3
+- Security Fixes:
+ A script injection vulnerability was discovered in the commenting system.
+ This affected the diff viewer and screenshot pages, and allowed a
+ commenter to break the page and execute JavaScript
+
* Thu Nov 10 2011 Stephen Gallagher <sgallagh at redhat.com> - 1.6.2-1
- New upstream release
- http://www.reviewboard.org/docs/releasenotes/dev/reviewboard/1.6.2/
diff --git a/sources b/sources
index 4c2d0a1..c8e779e 100644
--- a/sources
+++ b/sources
@@ -1 +1 @@
-3b05737a540d16af7d839e21454b1a6e ReviewBoard-1.6.2.tar.gz
+27bfc40141fe9de93522a279b690bfea ReviewBoard-1.6.3.tar.gz
More information about the scm-commits
mailing list