cgit 0.10.2.git2.0.1-3+deb8u1 source package in Debian
Changelog
cgit (0.10.2.git2.0.1-3+deb8u1) jessie-security; urgency=high
* Non-maintainer upload by the Security Team.
* CVE-2016-1899: Reflected XSS and header injection in mimetype query
string (Closes: #812411)
* CVE-2016-1900: Stored cross site scripting and header injection in
filename parameter (Closes: #812411)
* CVE-2016-1901: Integer overflow resulting in buffer overflow
(Closes: #812411)
* filters: apply HTML escaping.
Addresses cross-site scripting vulnerability in via the
txt2html filter.
-- Salvatore Bonaccorso <email address hidden> Mon, 04 Apr 2016 08:41:52 +0200
Upload details
- Uploaded by:
- Alexander Wirt
- Uploaded to:
- Jessie
- Original maintainer:
- Alexander Wirt
- Architectures:
- any
- Section:
- misc
- Urgency:
- Very Urgent
See full publishing history Publishing
| Series | Published | Component | Section | |
|---|---|---|---|---|
| Jessie | release | main | misc |
Builds
Downloads
| File | Size | SHA-256 Checksum |
|---|---|---|
| cgit_0.10.2.git2.0.1-3+deb8u1.dsc | 1.8 KiB | 923e36322a6b87505ec2dd335cf72e0f8399eb98e75923079430d46d237d679d |
| cgit_0.10.2.git2.0.1.orig.tar.gz | 4.9 MiB | 9e4070ad5a2fda0375b92df4805f861da9022bbd861ee2d402fc8c39e2dbf681 |
| cgit_0.10.2.git2.0.1-3+deb8u1.debian.tar.xz | 10.8 KiB | f1e7cbb1c2808a3c1340bac1da6b5ae3ac6bb55bc53e54c8f43358b5da9cf31a |
No changes file available.
