| Summary: | viewvc new security issue CVE-2012-4533 | ||
|---|---|---|---|
| Product: | Mageia | Reporter: | David Walser <luigiwalser> |
| Component: | Security | Assignee: | QA Team <qa-bugs> |
| Status: | RESOLVED FIXED | QA Contact: | |
| Severity: | major | ||
| Priority: | Normal | CC: | davidwhodgins, sysadmin-bugs, tmb |
| Version: | 2 | Keywords: | validated_update |
| Target Milestone: | --- | ||
| Hardware: | i586 | ||
| OS: | Linux | ||
| URL: | http://lwn.net/Vulnerabilities/520971/ | ||
| Whiteboard: | MGA1TOO MGA2-32-OK has_procedure MGA1-64-OK MGA1-32-OK MGA2-64-OK | ||
| Source RPM: | viewvc-1.1.15-1.mga2.src.rpm | CVE: | |
| Status comment: | |||
| Attachments: | Testing procedure for viewvc | ||
|
Description
David Walser
2012-10-24 20:57:33 CEST
David Walser
2012-10-24 20:57:40 CEST
Whiteboard:
(none) =>
MGA1TOO More info about this is here: https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2012-4533 Found some info at http://unspecified.wordpress.com/2008/06/10/viewvc/ Also, seems to need apache-mod_python installed. I have it to the point where http://127.0.0.1/cgi-bin/viewvc will load in Mageia 2 i586, but on Mageia 1, it's returning a 400 http status code. I'll dig into it more tomorrow. CC:
(none) =>
davidwhodgins Created attachment 2991 [details]
Testing procedure for viewvc
On Mageia 2 i586, with the viewvc from viewvc-1.1.15-1.1.mga2.src.rpm
installed, I'm still getting the pop-up showing XSS!, so it seems
that the update is not fixing the problem.
I'm attaching the testing procedure I used.
Dave Hodgins
2012-10-27 01:10:27 CEST
Whiteboard:
MGA1TOO =>
MGA1TOO feedback Try restarting the web server just in case, but if it persists, I'll try upgrading it to 1.1.17 next week and see if that fixes it (and if not, will have to report upstream). Thanks for testing. Testing complete on Mageia 2 i586. I had restarted the web server, but it turns out I also had to clear the web browsers cache (I'm using opera). Still have to figure out why Mageia 1 is returning a 400 status code. Whiteboard:
MGA1TOO feedback =>
MGA1TOO MGA2-32-OK has_procedure Testing complete on Mageia 1 x86-64. My 400 status code problem was caused by the updates testing version of drupal. Whiteboard:
MGA1TOO MGA2-32-OK has_procedure =>
MGA1TOO MGA2-32-OK has_procedure MGA1-64-OK Testing complete on Mageia 1 i586. Whiteboard:
MGA1TOO MGA2-32-OK has_procedure MGA1-64-OK =>
MGA1TOO MGA2-32-OK has_procedure MGA1-64-OK MGA1-32-OK Testing complete on Mageia 2 x86-64. Could someone from the sysadmin team push the srpm viewvc-1.1.15-1.1.mga2.src.rpm from Mageia 2 Core Updates Testing to Core Updates and the srpm viewvc-1.1.15-1.1.mga1.src.rpm from Mageia 1 Core Updates Testing to Core Updates. Advisory: Updated viewvc package fixes security vulnerability: "function name" lines returned by diff are not properly escaped, allowing attackers with commit access to perform cross site scripting (CVE-2012-4533). References: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-4533 http://www.debian.org/security/2012/dsa-2563 https://bugs.mageia.org/show_bug.cgi?id=7896 Keywords:
(none) =>
validated_update Update pushed: https://wiki.mageia.org/en/Support/Advisories/MGASA-2012-0313 Status:
NEW =>
RESOLVED |