Format: 1.8
Date: Tue, 14 Aug 2018 15:57:15 -0400
Source: cgit
Binary: cgit
Architecture: i386
Version: 1.1+git2.10.2-3ubuntu0.1
Distribution: bionic
Urgency: high
Maintainer: Launchpad Build Daemon <buildd@lgw01-amd64-055.buildd>
Changed-By: Unit 193 <unit193@ubuntu.com>
Description:
 cgit       - hyperfast web frontend for git repositories written in C
Launchpad-Bugs-Fixed: 1787021
Changes:
 cgit (1.1+git2.10.2-3ubuntu0.1) bionic-security; urgency=high
 .
   * SECURITY UPDATE: Directory traversal vulnerability.
     - d/p/clone-fix-directory-traversal.patch:
       This fixes a directory traversal vulnerability in CGit
       before 1.2.1 when `enable-http-clone=1` is not turned off,
       as demonstrated by a cgit/cgit.cgi/git/objects/?path=../ request.
     - CVE-2018-14912 (LP: #1787021)
Checksums-Sha1:
 f8f16f2db7fe1c8e43d03945be0aac624aa472c1 1821892 cgit-dbgsym_1.1+git2.10.2-3ubuntu0.1_i386.ddeb
 913d5cbaef8e7eeb76d4e3441d1f6b1be354fcfd 7293 cgit_1.1+git2.10.2-3ubuntu0.1_i386.buildinfo
 ab9df916843b76dd6c2f8a68e8d56112f23ca08b 573268 cgit_1.1+git2.10.2-3ubuntu0.1_i386.deb
Checksums-Sha256:
 395eada56d9cd09da08ee5c3b6e25ad937598ea610c9baace79c62fa281e4965 1821892 cgit-dbgsym_1.1+git2.10.2-3ubuntu0.1_i386.ddeb
 6eddc36a2092147bb9293d24c2b0ee4b97c840ff4fa543ce2cd5656dcc101e7e 7293 cgit_1.1+git2.10.2-3ubuntu0.1_i386.buildinfo
 d47656007b876d7d546d01a4b48822c37ec6b614f0308db385c1f54b1b845aa0 573268 cgit_1.1+git2.10.2-3ubuntu0.1_i386.deb
Files:
 f146b04ce367664871c8419adc4690b6 1821892 debug optional cgit-dbgsym_1.1+git2.10.2-3ubuntu0.1_i386.ddeb
 d7053b58c22ed38b8b07d8091a400dde 7293 net extra cgit_1.1+git2.10.2-3ubuntu0.1_i386.buildinfo
 4a9fc068f8969f66611362e7dc8a0145 573268 net extra cgit_1.1+git2.10.2-3ubuntu0.1_i386.deb
Original-Maintainer: Debian Cgit Packaging Team <pkg-cgit-devel@lists.alioth.debian.org>