Format: 1.7
Date: Thu, 12 Feb 2009 15:49:08 -0500
Source: git-core
Binary: git-core git-doc git-arch git-cvs git-svn git-email git-daemon-run git-gui gitk gitweb
Architecture: hppa hppa_translations
Version: 1:1.5.4.3-1ubuntu2.1
Distribution: hardy
Urgency: high
Maintainer: Ubuntu/hppa Build Daemon <buildd@primero.buildd>
Changed-By: Marc Deslauriers <marc.deslauriers@ubuntu.com>
Description: 
 git-arch   - fast, scalable, distributed revision control system (arch interop
 git-core   - fast, scalable, distributed revision control system
 git-cvs    - fast, scalable, distributed revision control system (cvs interope
 git-daemon-run - fast, scalable, distributed revision control system (git-daemon s
 git-doc    - fast, scalable, distributed revision control system (documentatio
 git-email  - fast, scalable, distributed revision control system (email add-on
 git-gui    - fast, scalable, distributed revision control system (GUI)
 git-svn    - fast, scalable, distributed revision control system (svn interope
 gitk       - fast, scalable, distributed revision control system (revision tre
 gitweb     - fast, scalable, distributed revision control system (web interfac
Launchpad-Bugs-Fixed: 248750 317052
Changes: 
 git-core (1:1.5.4.3-1ubuntu2.1) hardy-security; urgency=high
 .
   [ David Leadbeater ]
   * SECURITY UPDATE: Fix remote code execution in gitweb (LP: #317052)
     - CVE-2008-5516: http://repo.or.cz/w/git.git?a=commitdiff;h=c582abae
     - CVE-2008-5517: http://repo.or.cz/w/git.git?a=commitdiff;h=516381d5
 .
   [ Marc Deslauriers ]
   * SECURITY UPDATE: arbitrary code execution via long PATH in diff_addremove
     and diff_change (LP: #248750)
     - debian/diff/0007-SECURITY-CVE-2008-3546.diff: safely build the full path.
     - CVE-2008-3546
   * SECURITY UPDATE: arbitrary command execution via diff.external configuration
     variable.
     - debian/diff/0008-SECURITY-CVE-2008-5916.diff: remove unused legacy-style
       URI code in gitweb/gitweb.perl.
     - CVE-2008-5916
Files: 
 52c4fc48f3c2394229e141ee49c2c265 3134492 devel optional git-core_1.5.4.3-1ubuntu2.1_hppa.deb
 2f129c8a317b4622f663f75b7d07eb90 109238 raw-translations - git-core_1.5.4.3-1ubuntu2.1_hppa_translations.tar.gz
Original-Maintainer: Gerrit Pape <pape@smarden.org>