* SECURITY UPDATE: Directory traversal vulnerability.
- d/p/clone-fix-directory-traversal.patch:
This fixes a directory traversal vulnerability in CGit
before 1.2.1 when `enable-http-clone=1` is not turned off,
as demonstrated by a cgit/cgit.cgi/git/objects/?path=../ request.
- CVE-2018-14912 (LP: #1787021)
-- Unit 193 <email address hidden> Tue, 14 Aug 2018 15:57:15 -0400
This bug was fixed in the package cgit - 1.1+git2. 10.2-3ubuntu0. 1
--------------- 10.2-3ubuntu0. 1) bionic-security; urgency=high
cgit (1.1+git2.
* SECURITY UPDATE: Directory traversal vulnerability. fix-directory- traversal. patch: http-clone= 1` is not turned off, cgi/git/ objects/ ?path=. ./ request.
- d/p/clone-
This fixes a directory traversal vulnerability in CGit
before 1.2.1 when `enable-
as demonstrated by a cgit/cgit.
- CVE-2018-14912 (LP: #1787021)
-- Unit 193 <email address hidden> Tue, 14 Aug 2018 15:57:15 -0400