Bug 457362 (CVE-2008-3381)
| Summary: | CVE-2008-3381 moin: XSS issue in the advanced search form | ||
|---|---|---|---|
| Product: | [Other] Security Response | Reporter: | Tomas Hoger <thoger> |
| Component: | vulnerability | Assignee: | Red Hat Product Security <security-response-team> |
| Status: | CLOSED CURRENTRELEASE | QA Contact: | |
| Severity: | medium | Docs Contact: | |
| Priority: | medium | ||
| Version: | unspecified | CC: | vpvainio |
| Target Milestone: | --- | Keywords: | Security |
| Target Release: | --- | ||
| Hardware: | All | ||
| OS: | Linux | ||
| Whiteboard: | |||
| Fixed In Version: | Doc Type: | Bug Fix | |
| Doc Text: | Story Points: | --- | |
| Clone Of: | Environment: | ||
| Last Closed: | 2009-05-02 17:33:48 UTC | Type: | --- |
| Regression: | --- | Mount Type: | --- |
| Documentation: | --- | CRM: | |
| Verified Versions: | Category: | --- | |
| oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |
| Cloudforms Team: | --- | Target Upstream Version: | |
| Embargoed: | |||
| Bug Depends On: | 457363, 457364 | ||
| Bug Blocks: | |||
|
Description
Tomas Hoger
2008-07-31 07:26:20 UTC
There's no MoinMoin/macro/AdvancedSearch.py in moin 1.5.9 in F-8, so it's probably unaffected. moin-1.6.4-1.fc10 has been submitted as an update for Fedora 10. http://admin.fedoraproject.org/updates/moin-1.6.4-1.fc10 moin-1.6.4-1.fc9 has been submitted as an update for Fedora 9. http://admin.fedoraproject.org/updates/moin-1.6.4-1.fc9 moin-1.6.4-1.fc9 has been pushed to the Fedora 9 stable repository. If problems still persist, please make note of it in this bug report. moin-1.6.4-1.fc10 has been pushed to the Fedora 10 stable repository. If problems still persist, please make note of it in this bug report. I'm closing this bug because the fix has been pushed and the update had security team approval. Please reopen if something related to this vulnerability is not fixed. |