Overview

File _patchinfo of Package patchinfo.8554

<patchinfo incident="8554">
  <issue tracker="bnc" id="1103799"></issue>
  <issue tracker="cve" id="2018-14912"/>
  <category>security</category>
  <rating>moderate</rating>
  <packager>jengelh</packager>
  <description>This update for cgit to version 1.2.1 fixes the following issues:

The following security vulnerability was addressed:

- CVE-2018-14912: Fixed a directory traversal vulnerability, when
  enable-http-clone=1 is not turned off (boo#1103799)

The following other changes were made:

- Update to upstream release 1.2.1:
  - syntax-highlighting: replace invalid unicode with '?'
  - ui-repolist: properly sort by age
  - ui-patch: fix crash when using path limit

- Update bundled git to 2.11.1

- Update to upstream release 1.0:
  * Add repo.homepage/gitweb.homepage setting and homepage tab.
  * Show reverse paths in title bar so that browser tab shows
    filename.
  * Allow redirects even when caching is turned on.
  * More gracefully deal with unparsable commits.
</description>
  <summary>Security update for cgit</summary>
</patchinfo>
openSUSE Build Service is sponsored by
Places