openSUSE Build Service

Takashi Iwai (tiwai) accepted request 182502 from

Takashi Iwai (tiwai) almost 11 years ago (revision 18)

- Fix VUL-0: cgit: remote file disclosure flaw (CVE-2013-2117,
  bnc#822166)

Takashi Iwai (tiwai) committed over 11 years ago (revision 17)

fix changelog

Takashi Iwai (tiwai) accepted request 142123 from

Marcello Barnaba (vjt) over 11 years ago (revision 16)

Hi,

on OpenSUSE < 12.2, xz is needed in BuildRequire.

Takashi Iwai (tiwai) accepted request 142049 from

Takashi Iwai (tiwai) over 11 years ago (revision 15)

- updated to cgit-0.9.1:
  Enhancements:
  - path-selected submodule links
  - intelligent default branch guessing
  - /etc/mime.types lookup
  - gitweb.* and cgit.* git-config support
  - case insensitive sorting and age sorting
  - commit, repository, and section sorting
  - bold currently viewed page in pagination
  - support BSDs in makefile
  Security:
  - CVE-2012-4465: heap-buffer overflow in parsing.c
  - CVE-2012-4548: syntax highlighting command injection
  Bug Fixes:
  - transition maintainer to Jason Donenfeld (zx2c4)
  - download git snapshot from github instead of Lars' old server
  - css fixes
  - stablization of tests
  - more compatible default highlight script
  - suppress gzip timestamp so that tarballs only use tar timestamps
  - treat ctags as target in makefile
  - do not let global variables override certain local repo settings
  - print ampersand as proper html entity
  - use placeholder for empty commit subject
  - format diff view for addition and removal of files
  - point links at correct blob from ssdiff

Takashi Iwai (tiwai) accepted request 139647 from

Takashi Iwai (tiwai) over 11 years ago (revision 14)

- cgit-CVE-2012-4548-fix.diff:
  Fix VUL-0: cgit: arbitrary code / command execution via
  improperly quoted arguments (CVE-2012-4548, bnc#787074)

Takashi Iwai (tiwai) accepted request 137759 from

Takashi Iwai (tiwai) over 11 years ago (revision 13)

- Fix VUL-0: specially-crafted commits can trigger a heap-based
  buffer overflow (CVE-2012-4465, bnc#783012)

Sascha Peilicke (saschpe) accepted request 104308 from

Stephan Kulow (coolo) over 12 years ago (revision 12)

patch license to follow spdx.org standard

Sascha Peilicke (saschpe) accepted request 94123 from

Oliver Tappe (olta) over 12 years ago (revision 11)

Add cgit-fix-more-read_tree_recursive.diff, this time with 'Changed'-entry.

Sascha Peilicke (saschpe) committed over 12 years ago (revision 10)

Add changes entry for recent patch addition.

Sascha Peilicke (saschpe) accepted request 91993 from

Oliver Tappe (olta) over 12 years ago (revision 9)

The cgit build fix with respect to git-1.7.6 is incomplete: in the file ui-tree.c ls_tree() has been patched to use pathspec when invoking read_tree_recursive(), but cgit_print_tree() has not been touched.

The resulting problem can be seen when browsing the tree of a cgit repository: when you "drill down" into subfolders, parts of the parent folder's contents will appear in the listing.

This patch adjusts cgit_print_tree() accordingly, which fixes the problem.

Takashi Iwai (tiwai) committed over 12 years ago (revision 8)

- split from OBS git repo to an individual repo (since cgit-0.9
  doesn't build with git-1.7.7)
- merged fixes in git repo back to cgit repo

Takashi Iwai (tiwai) committed over 12 years ago (revision 7)

- split from OBS git repo to an individual repo
- merged fixes in git repo back
- updated to git 1.7.6.4

- updated to cgit 0.9.0.2
- fixed potential XSS vulnerability in rename hint
- fixed a segfault with git 1.7.6

- updated to git 1.7.6: see git changelog for more details

- updated to git 1.7.5.4: see git changelog for more details

- Fix incompatibilies with git 1.7.5.x to build cgit again

- Do not buildrequire git, the package builds it's own git and the
  buildrequires line only makes backporting harder.

- updated git 1.7.5.3:
  See git changelog for more details

- updated to git 1.7.4.2:
  documentation updates, small bug fixes;
  see included Documentation/RelNotes/1.7.4.2.txt
- updated to cgit 0.9:
  major updates; using git-1.7.4.x

- updated to git 1.7.3.3:
  In addition to the usual fixes, this release also includes
  support for the new "add.ignoreErrors" name given to the
  existing "add.ignore-errors" configuration variable.

Cristian Rodríguez (elvigia) accepted request 77943 from

Andreas Schneider (gladiac) almost 13 years ago (revision 6)

- updated to cgit 0.9.0.2
- fixed potential XSS vulnerability in rename hint
- fixed a segfault with git 1.7.6

buildservice-autocommit accepted request 45914 from

Takashi Iwai (tiwai) almost 14 years ago (revision 5)

auto commit by copy to link target

Takashi Iwai (tiwai) accepted request 45913 from

Andreas Schneider (gladiac) almost 14 years ago (revision 4)

Copy from home:gladiac:branches:devel:tools:scm/cgit via accept of submit request 45913 revision 2.
Request was accepted with message:
ok

buildservice-autocommit accepted request 45907 from

Takashi Iwai (tiwai) almost 14 years ago (revision 3)

auto commit by copy to link target

Takashi Iwai (tiwai) accepted request 45905 from

Andreas Schneider (gladiac) almost 14 years ago (revision 2)

Copy from home:gladiac:branches:devel:tools:scm/cgit via accept of submit request 45905 revision 2.
Request was accepted with message:
ok

Stephan Kleine (bitshuffler) accepted request 42396 from

Marco Poletti (poletti_marco) almost 14 years ago (revision 1)

Copy from home:poletti_marco/cgit via accept of submit request 42396 revision 1.
Request was accepted with message:
Reviewed ok

Browse Source

Places

Revisions of cgit

Places