From f27e3a1bbe55b5b1c1cd80158452c452c8f00fe8 Mon Sep 17 00:00:00 2001
From: bojan <bojan@fedoraproject.org>
Date: Aug 11 2009 22:25:23 +0000
Subject: Bump up to 1.0.9. Two security fixes.


---

diff --git a/sources b/sources
index f8a00ad..8cc3926 100644
--- a/sources
+++ b/sources
@@ -1 +1 @@
-2070392e6f9ce537f7f1b2daf9c7a216  viewvc-1.0.8.tar.gz
+5aa48bb866f65bfcf32aa0cd581bf7d3  viewvc-1.0.9.tar.gz
diff --git a/viewvc.spec b/viewvc.spec
index 08ed5a0..6531736 100644
--- a/viewvc.spec
+++ b/viewvc.spec
@@ -16,7 +16,7 @@
 
 
 Name:           viewvc
-Version:        1.0.8
+Version:        1.0.9
 Release:        1%{?dist}
 Summary:        Browser interface for CVS and SVN version control repositories
 
@@ -126,6 +126,11 @@ This version only supports CVS repositories.
 %attr(0700,apache,apache) %{_localstatedir}/spool/viewvc
 
 %changelog
+* Wed Aug 12 2009 Bojan Smojver <bojan@rexursive.com> - 1.0.9-1
+- bump up to 1.0.9
+- security fix: validate the 'view' parameter to avoid XSS attack
+- security fix: avoid printing illegal parameter names and values
+
 * Thu May  7 2009 Bojan Smojver <bojan@rexursive.com> - 1.0.8-1
 - Bump up to 1.0.8