Mandriva Linux Security Advisory : git (MDVSA-2010:256)
Medium Nessus Plugin ID 51336
SynopsisThe remote Mandriva Linux host is missing one or more security updates.
DescriptionA vulnerability was discovered and corrected in git (gitweb) :
A cross-site scripting (XSS) vulnerability in Gitweb 126.96.36.199 and previous versions allows remote attackers to inject arbitrary web script or HTML code via f and fp variables (CVE-2010-3906).
The updated packages have been patched to correct this issue.
SolutionUpdate the affected packages.