cgit 0.10.2.git2.0.1-3+deb8u1 source package in Debian
Changelog
cgit (0.10.2.git2.0.1-3+deb8u1) jessie-security; urgency=high * Non-maintainer upload by the Security Team. * CVE-2016-1899: Reflected XSS and header injection in mimetype query string (Closes: #812411) * CVE-2016-1900: Stored cross site scripting and header injection in filename parameter (Closes: #812411) * CVE-2016-1901: Integer overflow resulting in buffer overflow (Closes: #812411) * filters: apply HTML escaping. Addresses cross-site scripting vulnerability in via the txt2html filter. -- Salvatore Bonaccorso <email address hidden> Mon, 04 Apr 2016 08:41:52 +0200
Upload details
- Uploaded by:
- Alexander Wirt
- Uploaded to:
- Jessie
- Original maintainer:
- Alexander Wirt
- Architectures:
- any
- Section:
- misc
- Urgency:
- Very Urgent
See full publishing history Publishing
Series | Published | Component | Section | |
---|---|---|---|---|
Jessie | release | main | misc |
Builds
Downloads
File | Size | SHA-256 Checksum |
---|---|---|
cgit_0.10.2.git2.0.1-3+deb8u1.dsc | 1.8 KiB | 923e36322a6b87505ec2dd335cf72e0f8399eb98e75923079430d46d237d679d |
cgit_0.10.2.git2.0.1.orig.tar.gz | 4.9 MiB | 9e4070ad5a2fda0375b92df4805f861da9022bbd861ee2d402fc8c39e2dbf681 |
cgit_0.10.2.git2.0.1-3+deb8u1.debian.tar.xz | 10.8 KiB | f1e7cbb1c2808a3c1340bac1da6b5ae3ac6bb55bc53e54c8f43358b5da9cf31a |
No changes file available.