Publishing details

Published on 2018-08-16
Copied from ubuntu bionic in Private PPA for Ubuntu Security Team by Ubuntu Archive Robot

Changelog

cgit (1.1+git2.10.2-3ubuntu0.1) bionic-security; urgency=high

  * SECURITY UPDATE: Directory traversal vulnerability.
    - d/p/clone-fix-directory-traversal.patch:
      This fixes a directory traversal vulnerability in CGit
      before 1.2.1 when `enable-http-clone=1` is not turned off,
      as demonstrated by a cgit/cgit.cgi/git/objects/?path=../ request.
    - CVE-2018-14912 (LP: #1787021)

 -- Unit 193 <email address hidden>  Tue, 14 Aug 2018 15:57:15 -0400

Available diffs

diff from 1.1+git2.10.2-3build1 (in Ubuntu) to 1.1+git2.10.2-3ubuntu0.1 (1.4 KiB)

Builds

Built packages

cgit hyperfast web frontend for git repositories written in C

cgit-dbgsym debug symbols for cgit

Package files

cgit-dbgsym_1.1+git2.10.2-3ubuntu0.1_amd64.ddeb (1.9 MiB)
cgit-dbgsym_1.1+git2.10.2-3ubuntu0.1_arm64.ddeb (2.0 MiB)
cgit-dbgsym_1.1+git2.10.2-3ubuntu0.1_armhf.ddeb (1.9 MiB)
cgit-dbgsym_1.1+git2.10.2-3ubuntu0.1_i386.ddeb (1.7 MiB)
cgit-dbgsym_1.1+git2.10.2-3ubuntu0.1_ppc64el.ddeb (2.5 MiB)
cgit-dbgsym_1.1+git2.10.2-3ubuntu0.1_s390x.ddeb (2.0 MiB)
cgit_1.1+git2.10.2-3ubuntu0.1.debian.tar.xz (11.4 KiB)
cgit_1.1+git2.10.2-3ubuntu0.1.dsc (2.2 KiB)
cgit_1.1+git2.10.2-3ubuntu0.1_amd64.deb (505.0 KiB)
cgit_1.1+git2.10.2-3ubuntu0.1_arm64.deb (426.1 KiB)
cgit_1.1+git2.10.2-3ubuntu0.1_armhf.deb (430.4 KiB)
cgit_1.1+git2.10.2-3ubuntu0.1_i386.deb (559.8 KiB)
cgit_1.1+git2.10.2-3ubuntu0.1_ppc64el.deb (641.3 KiB)
cgit_1.1+git2.10.2-3ubuntu0.1_s390x.deb (466.4 KiB)
cgit_1.1+git2.10.2.orig.tar.gz (5.8 MiB)