Login
Login-Name Passwort


 
Newsletter
Werbung

Sicherheit: Cross-Site Scripting in yourls
Aktuelle Meldungen Distributionen
Name: Cross-Site Scripting in yourls
ID: FEDORA-2015-5972
Distribution: Fedora
Plattformen: Fedora 20
Datum: Mi, 29. April 2015, 16:38
Referenzen: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8488

Originalnachricht

Name        : yourls
Product : Fedora 20
Version : 1.7
Release : 3.20150410gitabc7d6c.fc20
URL : http://yourls.org
Summary : Your Own URL Shortener
Description :
YOURLS is a small set of PHP scripts that will allow you to run your own URL
shortening service (a la TinyURL). You can make it private or public,
you can pick custom keyword URLs, it comes with its own API.

-------------------------------------------------------------------------------
-
Update Information:

Update to the latest master from git
-------------------------------------------------------------------------------
-
ChangeLog:

* Fri Apr 10 2015 Martin Krizek <mkrizek@redhat.com> -
1.7-3.20150410gitabc7d6c
- Update to the latest master from git
- Fix bz #1157335
* Thu Feb 13 2014 Martin Krizek <mkrizek@redhat.com> - 1.7-1
- Update to 1.7
- Add upstream patch solving: Incorrect error message after installation
-------------------------------------------------------------------------------
-
References:

[ 1 ] Bug #1157335 - CVE-2014-8488 yourls: cross-site scripting (XSS) flaw
https://bugzilla.redhat.com/show_bug.cgi?id=1157335
-------------------------------------------------------------------------------
-

This update can be installed with the "yum" update program. Use
su -c 'yum update yourls' at the command line.
For more information, refer to "Managing Software with yum",
available at http://docs.fedoraproject.org/yum/.

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
-------------------------------------------------------------------------------
-
_______________________________________________
package-announce mailing list
package-announce@lists.fedoraproject.org
https://admin.fedoraproject.org/mailman/listinfo/package-announce
Pro-Linux
Traut euch!
Neue Nachrichten
Werbung