Users with commit access to repos served by git-web could
cause cross site scripting (XSS) issues with XML files
(CVE-2011-2186).

Due to a differently formatted /etc/mime.types openSUSE is
not affected by default.

This update nevertheless turns on git-web's XSS protection
mechanism to avoid similar problems in the future.

To turn XSS protection off again put the following line in
/etc/gitweb.conf:

$prevent_xss = 0;