Updated viewvc packages fix security vulnerabilityPublication date: 18 Feb 2017
Affected Mageia releases : 5
Thomas Gerbet discovered that viewvc, a web interface for CVS and Subversion repositories, did not properly sanitize user input. This problem resulted in a potential Cross-Site Scripting vulnerability (CVE-2017-5938). The viewvc package has been updated to version 1.1.26 which fixes this issue.