Security update for cgit
The git web frontend cgit was updated to 0.11.2 to fix security issues and bugs.
The following vulnerabilities were fixed:
* CVE-2014-9390: arbitrary command execution vulnerability on case-insensitive file systems in git. Malicious commits could affect client users on all platforms using case-insensitive file systems when using vulnerable git versions.
In addition cgit was updated to 0.11.2 with minor improvements and bug fixes.
The embedded git version was updated to 2.4.3.
-
Submitted by
Jan Engelhardt (jengelh)
Fixed bugs
bnc#910756
VUL-0: CVE-2014-9390: git: arbitrary command execution vulnerability on case-insensitive file systems
