The latest update of viewvc (viewvc-2240) does no longer work with CVS
(on OpenSUSE 11.1).
An Exception Has Occurred
Traceback (most recent call last):
File "/srv/viewvc/lib/viewvc.py", line 3765, in main
File "/srv/viewvc/lib/viewvc.py", line 399, in run_viewvc
File "/srv/viewvc/lib/viewvc.py", line 1614, in view_directory
row.log = format_log(file.log, cfg)
File "/srv/viewvc/lib/viewvc.py", line 1014, in format_log
s = htmlify(log[:cfg.options.short_log_len], cfg.options.buglink_base)
TypeError: htmlify() takes exactly 1 argument (2 given)
If I change line 1002 in viewvc.py from
def htmlify(html, buglink):
it works again.
PS: I've been notified, that this bug is already fixed at suse, so this is
just a heads up for the other people here. Apparently it works on 11.2,
but I can't verify it at the moment.
On Mar 30, Sebastian Krahmer <krahmer(a)suse.de> wrote:
> 1) Solved Security Vulnerabilities:
> - viewvc
> - viewvc
> Query forms didn't escape user provided input, therefore allowing
> cross-site-scripting (XSS) attacks.
> CVE-2010-0736 has been assigned to this issue.
> Affected products: openSUSE 11.0-11.2
To unsubscribe, e-mail: opensuse-security+unsubscribe(a)opensuse.org
For additional commands, e-mail: opensuse-security+help(a)opensuse.org