Copied from
ubuntu bionic in
Private PPA for Ubuntu Security Team
by Ubuntu Archive Robot
Changelog
cgit (1.1+git2.10.2-3ubuntu0.1) bionic-security; urgency=high
* SECURITY UPDATE: Directory traversal vulnerability.
- d/p/clone-fix-directory-traversal.patch:
This fixes a directory traversal vulnerability in CGit
before 1.2.1 when `enable-http-clone=1` is not turned off,
as demonstrated by a cgit/cgit.cgi/git/objects/?path=../ request.
- CVE-2018-14912 (LP: #1787021)
-- Unit 193 <email address hidden> Tue, 14 Aug 2018 15:57:15 -0400