Bugzilla – Bug 850929
VUL-1: CVE-2012-6149: spacewalk-java: XSS in system.addNote XML-RPC call due improper sanitization of note's subject and content
Last modified: 2014-02-11 18:06:16 UTC
bugbot adjusting priority
The SWAMPID for this issue is 55894. This issue was rated as moderate. Please submit fixed packages until 2014-01-31. When done, please reassign the bug to security-team@suse.de. Patchinfo will be handled by security team.
public and released
Update released for: spacewalk-backend, spacewalk-backend-app, spacewalk-backend-applet, spacewalk-backend-config-files, spacewalk-backend-config-files-common, spacewalk-backend-config-files-tool, spacewalk-backend-iss, spacewalk-backend-iss-export, spacewalk-backend-libs, spacewalk-backend-package-push-server, spacewalk-backend-server, spacewalk-backend-sql, spacewalk-backend-sql-oracle, spacewalk-backend-sql-postgresql, spacewalk-backend-tools, spacewalk-backend-xml-export-libs, spacewalk-backend-xmlrpc, spacewalk-backend-xp, spacewalk-base, spacewalk-base-minimal, spacewalk-branding, spacewalk-certs-tools, spacewalk-dobby, spacewalk-grail, spacewalk-html, spacewalk-java, spacewalk-java-config, spacewalk-java-lib, spacewalk-java-oracle, spacewalk-java-postgresql, spacewalk-java-tests, spacewalk-pxt, spacewalk-search, spacewalk-sniglets, spacewalk-taskomatic, spacewalk-utils, spacewalk-web, susemanager, susemanager-tools Products: SUSE-MANAGER 1.7 (x86_64)
SUSE-SU-2014:0222-1: An update that solves 5 vulnerabilities and has 6 fixes is now available. Category: security (moderate) Bug References: 834415,846356,850925,850927,850928,850929,850930,853913,854090,858197,858652 CVE References: CVE-2010-2236,CVE-2012-6149,CVE-2013-1869,CVE-2013-1871,CVE-2013-4415 Sources used: SUSE Manager 1.7 for SLE 11 SP2 (src): spacewalk-backend-1.7.38.31-0.5.1, spacewalk-branding-1.7.1.11-0.5.1, spacewalk-certs-tools-1.7.3.11-0.5.1, spacewalk-java-1.7.54.30-0.5.1, spacewalk-search-1.7.3.12-0.5.1, spacewalk-utils-1.7.15.12-0.5.3, spacewalk-web-1.7.28.20-0.5.1, susemanager-1.7.27-0.5.2