Red Hat Bugzilla – Bug 713301
CVE-2011-2186 gitweb: persistent XSS by users with commit privileges [epel-5]
Last modified: 2017-04-06 06:25:32 EDT
epel-5 tracking bug for gitweb-caching: see blocks bug list for full details of the security issue(s).
This bug is never intended to be made public, please put any public notes
in the 'blocks' bugs.
[bug automatically created by: add-tracking-bugs]
This bug is VERY old, do we have an udpate/patch for this?
We are still at version:
Gitweb is now part of the git package as of 1.4.0. Current version of git is:
Which includes gitweb (and fixed)
Unless there are objections I plan on having this package marked as abandoned/obsolete and removed from the repos.
Fedora EPEL 5 changed to end-of-life (EOL) status on 2017-03-31. Fedora EPEL 5
is no longer maintained, which means that it will not receive any further
security or bug fix updates. As a result we are closing this bug.
If you can reproduce this bug against a currently maintained version of Fedora
or Fedora EPEL, please feel free to reopen this bug against that version. If
you are unable to reopen this bug, please file a new report against the current
release. If you experience problems, please add a comment to this bug.
Thank you for reporting this bug and we are sorry it could not be fixed.