Format: 1.8
Date: Tue, 14 Aug 2018 15:57:15 -0400
Source: cgit
Binary: cgit
Architecture: arm64
Version: 1.1+git2.10.2-3ubuntu0.1
Distribution: bionic
Urgency: high
Maintainer: Launchpad Build Daemon <buildd@bos02-arm64-024.buildd>
Changed-By: Unit 193 <unit193@ubuntu.com>
Description:
 cgit       - hyperfast web frontend for git repositories written in C
Launchpad-Bugs-Fixed: 1787021
Changes:
 cgit (1.1+git2.10.2-3ubuntu0.1) bionic-security; urgency=high
 .
   * SECURITY UPDATE: Directory traversal vulnerability.
     - d/p/clone-fix-directory-traversal.patch:
       This fixes a directory traversal vulnerability in CGit
       before 1.2.1 when `enable-http-clone=1` is not turned off,
       as demonstrated by a cgit/cgit.cgi/git/objects/?path=../ request.
     - CVE-2018-14912 (LP: #1787021)
Checksums-Sha1:
 2e3804763e189d602e631252b7bb03f7d2f04f65 2079872 cgit-dbgsym_1.1+git2.10.2-3ubuntu0.1_arm64.ddeb
 5ebea2548d49966ee8d89044ff97e7a2fde5ded7 7267 cgit_1.1+git2.10.2-3ubuntu0.1_arm64.buildinfo
 0e9db065661033dc8328d78a3c6146d7dc52b71d 436352 cgit_1.1+git2.10.2-3ubuntu0.1_arm64.deb
Checksums-Sha256:
 a7387877f1d46bea2c63ec11e610747d1e831d4ce5989be13f946a57e4d6f412 2079872 cgit-dbgsym_1.1+git2.10.2-3ubuntu0.1_arm64.ddeb
 cb8681c5a95b05b9744e4b1445dc14b2a05512f8852fe5f95410ab0705ea288b 7267 cgit_1.1+git2.10.2-3ubuntu0.1_arm64.buildinfo
 8aa1c7d7b48268c6ae53b8996c31e999d29b622eebfdb4cd72e17d7277092d36 436352 cgit_1.1+git2.10.2-3ubuntu0.1_arm64.deb
Files:
 757ee670163cb3878369c3cfd971e546 2079872 debug optional cgit-dbgsym_1.1+git2.10.2-3ubuntu0.1_arm64.ddeb
 bf9c42bd32d8b5aa2d4574d88d86ded8 7267 net extra cgit_1.1+git2.10.2-3ubuntu0.1_arm64.buildinfo
 3b2040399b6124b881705edf53c3f11c 436352 net extra cgit_1.1+git2.10.2-3ubuntu0.1_arm64.deb
Original-Maintainer: Debian Cgit Packaging Team <pkg-cgit-devel@lists.alioth.debian.org>