Stay Secure with the Latest Linux Advisories
Refine advisories
X Clear Filters
Get the latest News and Insights
Get the latest Linux and open source security news straight to your inbox.
Community Poll
What got you started with Linux?
Loading...
Explore Latest Linux Security advisories
We found 2 articles for you...
89
security advisorysoftware updateFedoraFedora 30: FEDORA-2020-c952520959 Moderate: ViewVC XSS Threat Fix
Fix for CVE-2020-5283. ViewVC 1.1.28 ChangeLog - security fix: escape subdir lastmod file name (#211) - fix standalone.py first request failure (#195) ViewVC 1.1.27 ChangeLog: - suppress stack traces (with option to show) (#140) - distinguish text/binary/image files by icons (#166, #175) - colorize alternating file content lines (#167) - link to the instance root from the. --------------------------------------------------------------------------------Fedora Update Notification FEDORA-2020-c952520959 2020-05-15 04:09:52.670496 --------------------------------------------------------------------------------Name : viewvc Product : Fedora 30 Version : 1.1.28 Release : 1.fc30 URL : https://www.viewvc.org/ Summary : Browser interface for CVS and SVN version control repositories Description : ViewVC is a browser interface for CVS and Subversion version control repositories. It generates templatized HTML to present navigable directory, revision, and change log listings. It can display specific versions of files as well as diffs between those versions. Basically, ViewVC provides the bulk of the report-like functionality you expect out of your version control tool, but much more prettily than the average textual command-line program output. --------------------------------------------------------------------------------Update Information: Fix for CVE-2020-5283. ViewVC 1.1.28 ChangeLog - security fix: escape subdir lastmod file name (#211) - fix standalone.py first request failure (#195) ViewVC 1.1.27 ChangeLog: - suppress stack traces (with option to show) (#140) - distinguish text/binary/image files by icons (#166, #175) - colorize alternating file content lines (#167) - link to the instance root from the ViewVC logo (#168) - display directory and root counts, too (#169) - fix double fault error in standalone.py (#157) - support timezone offsets with minutes piece(#176) --------------------------------------------------------------------------------ChangeLog: * Wed May 6 2020 Bojan Smojver - 1.1.28-1 - bump up to 1.1.28 - CVE-2020-5283 --------------------------------------------------------------------------------References: [ 1 ] Bug #1831804 - CVE-2020-5283 viewvc: XSS vulnerability in CVS show_subdir_lastmod support [fedora-30] https://bugzilla.redhat.com/show_bug.cgi?id=1831804 [ 2 ] Bug #1831805 - CVE-2020-5283 viewvc: XSS vulnerability in CVS show_subdir_lastmod support [epel-6] https://bugzilla.redhat.com/show_bug.cgi?id=1831805 [ 3 ] Bug #1831806 - CVE-2020-5283 viewvc: XSS vulnerability in CVS show_subdir_lastmod support [epel-7] https://bugzilla.redhat.com/show_bug.cgi?id=1831806 --------------------------------------------------------------------------------This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2020-c952520959' at the command line. For more information, refer to the dnf documentation available at https://dnf.readthedocs.io/en/latest/command_ref.html All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/security/ --------------------------------------------------------------------------------_______________________________________________ package-announce mailing list --
May 15, 2020
•Important
Fedora
89
security advisorysecurity issuesubversionFedora 30: FEDORA-2019-f6bc68e455 Critical: Subversion DoS Issues
This update includes the latest stable release of _Apache Subversion_, version **1.12.2**. This update addresses two security vulnerabilities in **svnserve**, `CVE-2018-11782` and `CVE-2019-0203`. For more information, see: https://subversion.apache.org/security/CVE-2018-11782-advisory.txt https://subversion.apache.org/security/CVE-2019-0203-advisory.txt ## User-. --------------------------------------------------------------------------------Fedora Update Notification FEDORA-2019-f6bc68e455 2019-08-06 01:18:14.744706 --------------------------------------------------------------------------------Name : subversion Product : Fedora 30 Version : 1.12.2 Release : 1.fc30 URL : https://subversion.apache.org/ Summary : A Modern Concurrent Version Control System Description : Subversion is a concurrent version control system which enables one or more users to collaborate in developing and maintaining a hierarchy of files and directories while keeping a history of all changes. Subversion only stores the differences between versions, instead of every complete file. Subversion is intended to be a compelling replacement for CVS. --------------------------------------------------------------------------------Update Information: This update includes the latest stable release of _Apache Subversion_, version **1.12.2**. This update addresses two security vulnerabilities in **svnserve**, `CVE-2018-11782` and `CVE-2019-0203`. For more information, see: https://subversion.apache.org/security/CVE-2018-11782-advisory.txt https://subversion.apache.org/security/CVE-2019-0203-advisory.txt ## User-visible changes: * Fix conflict resolver bug: local and incoming edits swapped. * Fix memory lifetime problem in a libsvn_wc error code path. --------------------------------------------------------------------------------ChangeLog: * Thu Jul 25 2019 Joe Orton - 1.12.2-1 - update to 1.12.2 * Sat Jun 1 2019 Jitka Plesnikova - 1.12.0-2 - Perl 5.30 rebuild * Wed May 12019 Joe Orton - 1.12.0-1 - update to 1.12.0 (#1702471) * Wed Apr 17 2019 Joe Orton - 1.11.1-5 - fix build with APR 1.7.0 (upstream r1857391) --------------------------------------------------------------------------------References: [ 1 ] Bug #1735579 - CVE-2019-0203 subversion: remote unauthenticated denial-of-service in subversion svnserve [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1735579 [ 2 ] Bug #1735578 - CVE-2018-11782 subversion: remotely triggerable DoS vulnerability in svnserve 'get-deleted-rev' [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1735578 --------------------------------------------------------------------------------This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2019-f6bc68e455' at the command line. For more information, refer to the dnf documentation available at https://dnf.readthedocs.io/en/latest/command_ref.html All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/security/ --------------------------------------------------------------------------------_______________________________________________ package-announce mailing list --
Aug 05, 2019
•Critical
Fedora
87
security advisorydebianversion controlDebian DSA-3984-1: Git Shell Injection Risk in Git-CVSServer
joernchen discovered that the git-cvsserver subcommand of Git, a distributed version control system, suffers from a shell command injection vulnerability due to unsafe use of the Perl backtick operator. The git-cvsserver subcommand is reachable from the . -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 - ------------------------------------------------------------------------- Debian Security Advisory DSA-3984-1
Sep 26, 2017
•Critical
Debian
89
security advisorysecurity updatesubversionFedora 24: Subversion Update CVE-2016-2167 & CVE-2016-2168 Critical Issue
- Update to 1.9.4 (#1331222) CVE-2016-2167 CVE-2016-2168 - Move tools in docs to tools subpackage (rhbz 1171757 1199761) - Disable make check to work around FTBFS. -------------------------------------------------------------------------------- Fedora Update Notification FEDORA-2016-20cc04ac50 2016-05-10 11:44:56.463021 -------------------------------------------------------------------------------- Name : subversion Product : Fedora 24 Version : 1.9.4 Release : 1.fc24 URL : https://subversion.apache.org/ Summary : A Modern Concurrent Version Control System Description : Subversion is a concurrent version control system which enables one or more users to collaborate in developing and maintaining a hierarchy of files and directories while keeping a history of all changes. Subversion only stores the differences between versions, instead of every complete file. Subversion is intended to be a compelling replacement for CVS. -------------------------------------------------------------------------------- Update Information: - Update to 1.9.4 (#1331222) CVE-2016-2167 CVE-2016-2168 - Move tools in docs to tools subpackage (rhbz 1171757 1199761) - Disable make check to work around FTBFS -------------------------------------------------------------------------------- References: [ 1 ] Bug #1331222 - subversion-1.9.4 is available https://bugzilla.redhat.com/show_bug.cgi?id=1331222 [ 2 ] Bug #1171757 - Subversion should not require Python https://bugzilla.redhat.com/show_bug.cgi?id=1171757 [ 3 ] Bug #1199761 - Subversion should not require Perl https://bugzilla.redhat.com/show_bug.cgi?id=1199761 [ 4 ] Bug #1331687 - CVE-2016-2167 CVE-2016-2168 subversion: various flaws [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1331687 -------------------------------------------------------------------------------- This update can be installed with the "yum" update program. Use su -c 'yum update subversion' at the command line. For moreinformation, refer to "Managing Software with yum", available at . All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/security/ -------------------------------------------------------------------------------- _______________________________________________ package-announce mailing list
May 10, 2016
•Critical
Fedora
89
security advisorymoderatesoftware updateFedora Core 5: 2006-273 Moderate: Subversion 1.3.1 Bug Fix
This update includes the latest upstream release of Subversion, version 1.3.1. This release includes a number of minor bug fixes and improvements.. ---------------------------------------------------------------------Fedora Update Notification FEDORA-2006-273 2006-04-07 ---------------------------------------------------------------------Product : Fedora Core 5 Name : subversion Version : 1.3.1 Release : 2.1 Summary : Modern Version Control System designed to replace CVS Description : Subversion is a concurrent version control system which enables one or more users to collaborate in developing and maintaining a hierarchy of files and directories while keeping a history of all changes. Subversion only stores the differences between versions, instead of every complete file. Subversion is intended to be a compelling replacement for CVS. ---------------------------------------------------------------------Update Information: This update includes the latest upstream release of Subversion, version 1.3.1. This release includes a number of minor bug fixes and improvements. ---------------------------------------------------------------------* Tue Apr 4 2006 Joe Orton 1.3.1-2.1 - move libsvn_swig_ruby back to -ruby subpackage - build -java subpackage on s390 again * Tue Apr 4 2006 Joe Orton 1.3.1-2 - update to 1.3.1 * Thu Feb 16 2006 Florian La Roche - 1.3.0-5 - do not package libs within subversion-ruby, these are already available via the main package ---------------------------------------------------------------------This update can be downloaded from: a56bdd8dbded19c84703e1a63420eee1be04096c SRPMS/subversion-1.3.1-2.1.src.rpm 902e9cea32573071c32fafcf2a10ad757202df38 ppc/subversion-1.3.1-2.1.ppc.rpm 292d2cb03bbab3e404b4f6db9dfe5d458d16b585 ppc/subversion-devel-1.3.1-2.1.ppc.rpm b003b17449e7b989b5fc9af5cf918a16edc83b33 ppc/mod_dav_svn-1.3.1-2.1.ppc.rpm 0b033680553887b429ff3e7449cabb577763d3bf ppc/subversion-perl-1.3.1-2.1.ppc.rpm a71d32258e9fbf780ea46b084a4874261ca2d9b0 ppc/subversion-javahl-1.3.1-2.1.ppc.rpm 193f68120f9bac1bb32a0646a58ae410431d06cf ppc/subversion-ruby-1.3.1-2.1.ppc.rpm 8499239fad56eb1165260c7396aab8c14edf689a ppc/debug/subversion-debuginfo-1.3.1-2.1.ppc.rpm be6c58507c204d60dd4474024e0d33a7f6eb8993 x86_64/subversion-1.3.1-2.1.x86_64.rpm 192590bd1dcd5f4ec88efaecb30dd7c6807ecae5 x86_64/subversion-devel-1.3.1-2.1.x86_64.rpm b38c27bb49bdedbd7cf887f203829cffb443b723 x86_64/mod_dav_svn-1.3.1-2.1.x86_64.rpm 065057ad5ca794ce6c99e7595dc81d97552f31b3 x86_64/subversion-perl-1.3.1-2.1.x86_64.rpm d01141a919825d5464368b17a8c9e579f8e6c543 x86_64/subversion-javahl-1.3.1-2.1.x86_64.rpm f6f6e1af13192ecc63a9b1662d6636b52a14f171 x86_64/subversion-ruby-1.3.1-2.1.x86_64.rpm 284366237e826ab089f83eac65944cccc93e16b4 x86_64/debug/subversion-debuginfo-1.3.1-2.1.x86_64.rpm 92a2ec8b2e20f968bfb1aa2458162d16f412e2f2 i386/subversion-1.3.1-2.1.i386.rpm 29d19053af2d78fc1483ff32b168ca8a00347acd i386/subversion-devel-1.3.1-2.1.i386.rpm e729d4d7c52fbde47eddea2628daa6f5db2e26d4 i386/mod_dav_svn-1.3.1-2.1.i386.rpm fae165b04873c45e3b0b8883bc42ff0160a35ddc i386/subversion-perl-1.3.1-2.1.i386.rpm c2d46f83b7005d48162910a4912a66b351a1bbf2 i386/subversion-javahl-1.3.1-2.1.i386.rpm 174c40bcd851b6ea0164a07ccd2a44603a2661f4 i386/subversion-ruby-1.3.1-2.1.i386.rpm 21c8e8b1a51d4dc91945b1058ba9024afee8888f i386/debug/subversion-debuginfo-1.3.1-2.1.i386.rpm This update can be installed with the 'yum' update program. Use 'yum update package-name' at the command line. For more information, refer to 'Managing Software with yum,' available at . ----------------------------------------------------------------------- fedora-announce-list mailing list
Apr 07, 2006
Fedora
89
security advisorybug fixFedora CoreFedora Core 4 Subversion Update: Bug Fixes and Enhancements
This update includes the latest stable release of Subversion, including a number of bug fixes.. ---------------------------------------------------------------------Fedora Update Notification FEDORA-2005-813 2005-09-09 ---------------------------------------------------------------------Product : Fedora Core 4 Name : subversion Version : 1.2.3 Release : 2.1 Summary : Modern Version Control System designed to replace CVS Description : Subversion is a concurrent version control system which enables one or more users to collaborate in developing and maintaining a hierarchy of files and directories while keeping a history of all changes. Subversion only stores the differences between versions, instead of every complete file. Subversion is intended to be a compelling replacement for CVS. ---------------------------------------------------------------------Update Information: This update includes the latest stable release of Subversion, including a number of bug fixes. ---------------------------------------------------------------------* Fri Aug 26 2005 Joe Orton 1.2.3-2.1 - update to 1.2.3 (#165465) - add fix for crash in pl_PL (r15880, #166216) - BuildRequire which ---------------------------------------------------------------------This update can be downloaded from: ec8b8373fcdbd5610c003bec7062188f SRPMS/subversion-1.2.3-2.1.src.rpm 1a8da7c52639ebcc27f912feb09432c7 ppc/subversion-1.2.3-2.1.ppc.rpm 3d295f7bab3749a4a18a8f55b83f6edc ppc/subversion-devel-1.2.3-2.1.ppc.rpm cea9d0ff2f8d83308da53b7951df33d0 ppc/mod_dav_svn-1.2.3-2.1.ppc.rpm aa1d7c863071972f7b05f0cdc9db8347 ppc/subversion-perl-1.2.3-2.1.ppc.rpm 68f3f83071c4a82943a24e723b9ee99a ppc/subversion-javahl-1.2.3-2.1.ppc.rpm fb34f7abb412e66d5b10704faed57685 ppc/subversion-ruby-1.2.3-2.1.ppc.rpm 33edb410aa278c031336a0b097e31fcb ppc/debug/subversion-debuginfo-1.2.3-2.1.ppc.rpm 88ac387476939683d0748b4f77ea2b38 x86_64/subversion-1.2.3-2.1.x86_64.rpm 2a4f750c613376f6d4a6152d67610809 x86_64/subversion-devel-1.2.3-2.1.x86_64.rpm 266cfb330d9e61176dee5b26ca2ee8f5 x86_64/mod_dav_svn-1.2.3-2.1.x86_64.rpm c99d04fba2acc9ee09abb56125d3409b x86_64/subversion-perl-1.2.3-2.1.x86_64.rpm b774352cf681b224e6561720249b8f02 x86_64/subversion-javahl-1.2.3-2.1.x86_64.rpm 0293d37e90d826ac55086ae7fc98a188 x86_64/subversion-ruby-1.2.3-2.1.x86_64.rpm 9d7a59ee6e8189a80a25c4803f1963ff x86_64/debug/subversion-debuginfo-1.2.3-2.1.x86_64.rpm 3088f16731bd28a787e5a23f92ccd65a i386/subversion-1.2.3-2.1.i386.rpm 9627fc17b7a6a593e0fcf974fbe12559 i386/subversion-devel-1.2.3-2.1.i386.rpm ce8ac8da512ac050ffe0f76efa3b8eb6 i386/mod_dav_svn-1.2.3-2.1.i386.rpm 6a5b4483f7850c033921b2c53a9beffb i386/subversion-perl-1.2.3-2.1.i386.rpm 7ec13eddce4a4ad2011a92d7444bbeaf i386/subversion-javahl-1.2.3-2.1.i386.rpm a0f44ee11c27660b284c26b32a783df1 i386/subversion-ruby-1.2.3-2.1.i386.rpm a9a4160961df4bd77d5520fca5637f7d i386/debug/subversion-debuginfo-1.2.3-2.1.i386.rpm This update can also be installed with the Update Agent; you can launch the Update Agent with the 'up2date' command. ----------------------------------------------------------------------- fedora-announce-list mailing list
Sep 09, 2005
•Important
Fedora
89
security advisorymoderateupdateFedora Core 3: 2005-791 Moderate: CVS 1.11.17 Security Fix
Updated package.. ---------------------------------------------------------------------Fedora Update Notification FEDORA-2005-791 2005-08-23 ---------------------------------------------------------------------Product : Fedora Core 3 Name : cvs Version : 1.11.17 Release : 7.FC3 Summary : A version control system. Description : CVS (Concurrent Version System) is a version control system that can record the history of your files (usually, but not always, source code). CVS only stores the differences between versions, instead of every version of every file you have ever created. CVS also keeps a log of who, when, and why changes occurred. CVS is very helpful for managing releases and controlling the concurrent editing of source files among multiple authors. Instead of providing version control for a collection of files in a single directory, CVS provides version control for a hierarchical collection of directories consisting of revision controlled files. These directories and files can then be combined together to form a software release. ---------------------------------------------------------------------* Tue Aug 23 2005 Martin Stransky 1.11.17-7.FC3 - fix for #166366 - CVS temporary file issue ---------------------------------------------------------------------This update can be downloaded from: 69a876ca0452cb1c73c3be35f4eb19a6 SRPMS/cvs-1.11.17-7.FC3.src.rpm db5de9c27d8901ebb6bdbae1a150c196 x86_64/cvs-1.11.17-7.FC3.x86_64.rpm cafb738040a63eaf2eca539c10e4259a x86_64/debug/cvs-debuginfo-1.11.17-7.FC3.x86_64.rpm 3f062459045d7679ed27f8825ebcb8ef i386/cvs-1.11.17-7.FC3.i386.rpm 74494c45dbb4d46c4f234c36d59ed3a9 i386/debug/cvs-debuginfo-1.11.17-7.FC3.i386.rpm This update can also be installed with the Update Agent; you can launch the Update Agent with the 'up2date' command. ----------------------------------------------------------------------- fedora-announce-list mailinglist
Aug 23, 2005
•Important
Fedora
89
security advisoryupdatemoderate severityFedora Core 4: 2005-790 Moderate: CVS 1.11.19-9 Update Notification
Updated package.. ---------------------------------------------------------------------Fedora Update Notification FEDORA-2005-790 2005-08-23 ---------------------------------------------------------------------Product : Fedora Core 4 Name : cvs Version : 1.11.19 Release : 9 Summary : A version control system. Description : CVS (Concurrent Version System) is a version control system that can record the history of your files (usually, but not always, source code). CVS only stores the differences between versions, instead of every version of every file you have ever created. CVS also keeps a log of who, when, and why changes occurred. CVS is very helpful for managing releases and controlling the concurrent editing of source files among multiple authors. Instead of providing version control for a collection of files in a single directory, CVS provides version control for a hierarchical collection of directories consisting of revision controlled files. These directories and files can then be combined together to form a software release. ---------------------------------------------------------------------* Tue Aug 23 2005 Martin Stransky 1.11.19-9 - fix for #166366 - CVS temporary file issue ---------------------------------------------------------------------This update can be downloaded from: 4bf76c04c60a124330489518b865530d SRPMS/cvs-1.11.19-9.src.rpm cf08814339be854831348d6ee73254df ppc/cvs-1.11.19-9.ppc.rpm f673c301ff24c76b0ce0bd9c179c49f9 ppc/debug/cvs-debuginfo-1.11.19-9.ppc.rpm 990ce8931ca7359cebe6de4b63218a21 x86_64/cvs-1.11.19-9.x86_64.rpm 8e7ccdb5a3e6df223679fb861f9c107b x86_64/debug/cvs-debuginfo-1.11.19-9.x86_64.rpm 29a8086ccac579c5fc525ffc8b35adc6 i386/cvs-1.11.19-9.i386.rpm c261db337d4e26beac46a06bed72907a i386/debug/cvs-debuginfo-1.11.19-9.i386.rpm This update can also be installed with the Update Agent; you can launch the Update Agent with the 'up2date' command. ----------------------------------------------------------------------- fedora-announce-list mailing list
Aug 23, 2005
•Important
Fedora
Get the latest News and Insights
Get the latest Linux and open source security news straight to your inbox.
Community Poll
What got you started with Linux?
Search Topics
Powered By
Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases
QUICK LINKS
subscribe to newsletters!
Like staying secure? So do we.
Sign up for updates, tips, and alerts!