Skip navigation

Infodrom Oldenburg

— viewcvs —

7.12.2004: Information leak viewcvs 0.9/1.0
Haris Sehic discovered several vulnerabilities in viewcvs, a utility for viewing CVS and Subversion repositories via HTTP. When exporting a repository as a tar archive the hide_cvsroot and forbidden settings were not honoured enough.
Download: Patch for 0.9.2, and 1.0.
© Infodrom Oldenburg  Datenschutz, page source history
Last modified: April 22, 2016