Overview
Request 512022 accepted
- Update to 0.6.2:
_This is a vulnerability fix release._
Fixes a XSS issue in which the remote VNC server could inject
arbitrary HTML into the noVNC web page via the messages propagated
to the status field, such as the VNC server name.
This affects users of vnc_auto.html and vnc.html, as well as any
users of include/ui.js.
- Created by dirkmueller
- In state accepted
Request History
dirkmueller created request
- Update to 0.6.2:
_This is a vulnerability fix release._
Fixes a XSS issue in which the remote VNC server could inject
arbitrary HTML into the noVNC web page via the messages propagated
to the status field, such as the VNC server name.
This affects users of vnc_auto.html and vnc.html, as well as any
users of include/ui.js.
factory-auto added factory-repo-checker as a reviewer
Please review build success
factory-auto accepted review
Check script succeeded
staging-bot added as a reviewer
Being evaluated by staging project "openSUSE:Factory:Staging:adi:66"
staging-bot accepted review
Picked openSUSE:Factory:Staging:adi:66
factory-repo-checker accepted review
Builds for repo openSUSE:Factory:Staging:adi:66/standard
licensedigger accepted review
ok
staging-bot accepted review
ready to accept
staging-bot approved review
ready to accept
maxlin_factory accepted request
Accept to openSUSE:Factory
